MedISA Logo


Medical Centre Employee Centered Information Security Awareness


Im Rahmen der MedISA-Forschung wurden verschiedene Messinstrumente zur Erfassung der Information Security Awareness in einem Katalog zusammengestellt, die für weitere Forschungsarbeiten und praktische Anwendungen genutzt werden können.

Die zusammengestellten Instrumente bieten Hinweise auf Reliabilität und Validität, die wissenschaftlichen Gütekriterien sind jedoch von unterschiedlicher Qualität. Weitere Hinweise entnehmen Sie den dazugehörigen Publikationen.

Katalog titles.catalogue | MedISA

Security Behavior Intentions Scale (SeBIS)

Autoren: Egelman S., Peer E.
Titel der Veröffentlichung: Scaling the Security Wall: Developing a Security Behavior Intentions Scale (SeBIS).
Jahr: 2015

Sprache der Items: Englisch
Anzahl an Items: 16
Reliabilität: Composite reliability (0.64 - 0.78)
Validität: Konstrukt-, diskriminante und nomologische Validität

Antwort Spezifikation: Five-point Likert scale (Strongly disagree to Strongly agree)

I set my computer screen to automatically lock if I don’t use it for a prolonged period of time.
I use a password/passcode to unlock my laptop or tablet.
I manually lock my computer screen when I step away from it.
I use a PIN or passcode to unlock my mobile phone.
I do not change my passwords, unless I have to.
I use different passwords for different accounts that I have.
When I create a new online account, I try to use a password that goes beyond the site’s minimum requirements.
I do not include special characters in my password if it’s not required.
When someone sends me a link, I open it without first verifying where it goes.
I know what website I’m visiting based on its look and feel, rather than by looking at the URL bar.
I submit information to websites without first verifying that it will be sent securely (e.g., SSL, “https://”, a lock icon).
When browsing websites, I mouseover links to see where they go, before clicking them.
If I discover a security problem, I continue what I was doing because I assume someone else will fix it.
When I’m prompted about a software update, I install it right away.
I try to make sure that the programs I use are up-to-date.
I verify that my anti-virus software has been regularly updating itself.