MedISA
Medical Centre Employee Centered Information Security Awareness
Katalog
Im Rahmen der MedISA-Forschung wurden verschiedene Messinstrumente zur Erfassung der Information Security Awareness in einem Katalog zusammengestellt, die für weitere Forschungsarbeiten und praktische Anwendungen genutzt werden können. Die zusammengestellten Instrumente bieten Hinweise auf Reliabilität und Validität, die wissenschaftlichen Gütekriterien sind jedoch von unterschiedlicher Qualität. Weitere Hinweise entnehmen Sie den dazugehörigen Publikationen.
Name: The Human Aspects of Information Security Questionnaire (HAIS-Q)
DOI: https://doi.org/10.1016/j.cose.2017.01.004
Added: 2017
Added: 2017
Name: Simplified Information Security Awareness Scale (SISA)
DOI: https://doi.org/10.3233/SHTI210248
Added: 2021
Added: 2021
Name: Information Security Attitude Questionnaire for Nurses (ISA-Q)
DOI: https://doi.org/10.1002/nop2.1353
Added: 2022
Added: 2022
Name: Mobile Information Security Awareness Scale (MISAS)
DOI: https://doi.org/10.1108/OIR-04-2020-0129
Added: 2021
Added: 2021
Name: Security Behavior Intentions Scale (SeBIS)
DOI: https://doi.org/10.1145/2702123.2702249
Added: 2015
Added: 2015
Name: SABS ISO/IEC 17799 Scale with Focus on Hospitals (SIIS)
DOI: https://www.cabidigitallibrary.org/doi/full/10.5555/20163074395
Added: 2015
Added: 2015
Name: Cyber Security Awareness Scale Based on Recommendation of ENISA and the U.S. HHS (CSAS)
DOI: http://hdl.handle.net/10125/64215
Added: 2020
Added: 2020
Name: End-User Security Attitudes Scale (SA-6)
DOI: https://www.usenix.org/conference/soups2019/presentation/faklaris
Added: 2019
Added: 2019
Name: Security Awareness Scale for Health Care Information Systems (SAS-HIPAA)
DOI: https://doi.org/10.48009/1_iis_2011_224-236
Added: 2011
Added: 2011
Name: Hospital Staff’s Risky Cybersecurity Practices Scales (RCSPS)
DOI: https://doi.org/10.1145/3465481.3470094
Added: 2021
Added: 2021
Hospital Staff’s Risky Cybersecurity Practices Scales (RCSPS)
Antwort Spezifikation: The scale asked participants to rate, on a scale of 0 to 4 (0 = Disagree, 1 = Slightly disagree, 2 = Neutral, 3 = Slightly agree, and 4 = Agree), how often they engaged in the specific practices in the last month.
| Item |
|---|
| In the last month, I usually write my user name and passwords on a piece of paper and stick the paper onto my computer for easy access. |
| In the last month, I sometimes visit at least one of the following websites using the hospital’s computer: social media; Dropbox and other public file storage systems; online music or videos sites; online newspapers and magazines; personal e-mail accounts; games; instant messaging services, etc. |
| In the last month, I did not often read the alert messages/emails concerning security. |
| In the last month, I sometimes click on a link in an email from an unknown sender. |
| In the last month, I usually postpone software updating activities (restarting, clicking to run an update, accepting to update or follow update schedule) of my computers at my workplace. |
| In the last month, I usually postpone backup activities when I am prompted. |
| In the last month, I usually do not prevent my colleagues from seeing patients’ records for a non-therapeutic purpose when I am working on a patients information on my laptop. |
| In the last month, I did not post patient information on social media. |
| In the last month, I sometimes share my passwords with my colleagues in hospital. |
| In the last month, I usually do not take any action when I notice my colleague ignoring information security rules. |
| In the last month, I usually talk about the patient condition in a shared patient ward in a hospital. |
| In the last month, I usually dispose of sensitive personal health information (patients diagnosis and personal data) in the hospital. |
| In the last month, I used a combination of letters, numbers, and symbols in my work passwords. |
| In the last month, I have changed my passwords. |