Vaš brskalnik ne omogoča JavaScript!
JavaScript je nujen za pravilno delovanje teh spletnih strani. Omogočite JavaScript ali pa uporabite sodobnejši brskalnik.
Nacionalni portal odprte znanosti
Odprta znanost
DiKUL
slv
|
eng
Iskanje
Brskanje
Novo v RUL
Kaj je RUL
V številkah
Pomoč
Prijava
A systematic review of scales for measuring information security culture
ID
Orehek, Špela
(
Avtor
),
ID
Petrič, Gregor
(
Avtor
)
PDF - Predstavitvena datoteka,
prenos
(398,86 KB)
MD5: 6A89CC4E1E93506D74691E57C9792971
URL - Izvorni URL, za dostop obiščite
https://www.emerald.com/insight/content/doi/10.1108/ICS-12-2019-0140/full/html
Galerija slik
Izvleček
Purpose – The concept of information security culture, which recently gained increased attention, aims to comprehensively grasp socio-cultural mechanisms that have an impact on organizational security. Different measurement instruments have been developed to measure and assess information security culture using survey-based tools. However, the content, breadth and face validity of these scales vary greatly. This study aims to identify and provide an overview of the scales that are used to measure information security culture and to evaluate the rigor of reported scale development and validation procedures. Design/methodology/approach – Papers that introduce a new or adapt an existing scale of information security culture were systematically reviewed to evaluate scales of information security culture. A standard search strategy was applied to identify 19 relevant scales, which were evaluated based on the framework of 16 criteria pertaining to the rigor of reported operationalization and the reported validity and reliability of the identified scales. Findings – The results show that the rigor with which scales of information security culture are validated varies greatly and that none of the scales meet all the evaluation criteria. Moreover, most of the studies provide somewhat limited evidence of the validation of scales, indicating room for further improvement. Particularly, critical issues seem to be the lack of evidence regarding discriminant and criterion validity and incomplete documentation of the operationalization process. Research limitations/implications – Researchers focusing on the human factor in information security need to reach a certain level of agreement on the essential elements of the concept of information security culture. Future studies need to build on existing scales, address their limitations and gain further evidence regarding the validity of scales of information security culture. Further research should also investigate the quality of definitions and make expert assessments of the content fit between concepts and items. Practical implications – Organizations that aim to assess the level of information security culture among employees can use the results of this systematic review to support the selection of an adequate measurement scale. However, caution is needed for scales that provide limited evidence of validation. Originality/value – This is the first study that offers a critical evaluation of existing scales of information security culture. The results have decision-making value for researchers who intend to conduct survey-based examinations of information security culture.
Jezik:
Angleški jezik
Ključne besede:
information security culture
,
information security
,
measurement
,
scales
,
validity
,
systematic review
,
surveys
,
assessments
,
methodology
,
meta-analysis
Vrsta gradiva:
Članek v reviji
Tipologija:
1.01 - Izvirni znanstveni članek
Organizacija:
FDV - Fakulteta za družbene vede
Status publikacije:
Objavljeno
Različica publikacije:
Objavljena publikacija
Leto izida:
2021
Št. strani:
Str. 133-158
Številčenje:
Vol. 29, no. 1
PID:
20.500.12556/RUL-124723
UDK:
303:004.056
ISSN pri članku:
2056-497X
DOI:
10.1108/ICS-12-2019-0140
COBISS.SI-ID:
45116931
Datum objave v RUL:
12.02.2021
Število ogledov:
1746
Število prenosov:
345
Metapodatki:
Citiraj gradivo
Navadno besedilo
BibTeX
EndNote XML
EndNote/Refer
RIS
ABNT
ACM Ref
AMA
APA
Chicago 17th Author-Date
Harvard
IEEE
ISO 690
MLA
Vancouver
:
Kopiraj citat
Objavi na:
Gradivo je del revije
Naslov:
Information and computer security
Založnik:
Emerald
ISSN:
2056-497X
COBISS.SI-ID:
525153049
Licence
Licenca:
CC BY 4.0, Creative Commons Priznanje avtorstva 4.0 Mednarodna
Povezava:
http://creativecommons.org/licenses/by/4.0/deed.sl
Opis:
To je standardna licenca Creative Commons, ki daje uporabnikom največ možnosti za nadaljnjo uporabo dela, pri čemer morajo navesti avtorja.
Projekti
Financer:
ARRS - Agencija za raziskovalno dejavnost Republike Slovenije
Program financ.:
Young researchers
Financer:
ARRS - Agencija za raziskovalno dejavnost Republike Slovenije
Številka projekta:
P5-0168
Naslov:
Družboslovna metodologija, statistika in informatika
Podobna dela
Podobna dela v RUL:
Podobna dela v drugih slovenskih zbirkah:
Nazaj