As part of the MedISA research, various instruments for measuring Information Security Awareness have been compiled in a catalogue, which can be used for further research and practical applications.

The compiled instruments provide evidence of reliability and validity; however, the scientific quality criteria vary. For more information, please refer to the associated publications.

Name: The Human Aspects of Information Security Questionnaire (HAIS-Q)

Authors: Parsons, K., Calic, D., Pattinson, M., Butavicius, M., McCormac, A., Zwaans, T.

DOI: https://doi.org/10.1016/j.cose.2017.01.004
Added: 2017

Name: Simplified Information Security Awareness Scale (SISA)

Authors: Schmidt T., Nøhr C., Koppel R.

DOI: https://doi.org/10.3233/SHTI210248
Added: 2021

Name: Information Security Attitude Questionnaire for Nurses (ISA-Q)

Authors: Kang J., Seomun G.

DOI: https://doi.org/10.1002/nop2.1353
Added: 2022

Name: Four Measurement Scales (4-MS)

Authors: Öğütçü G., Testik Ö. M., Chouseinoglou O.

DOI: https://doi.org/10.1016/j.cose.2015.10.002
Added: 2016

Name: Mobile Information Security Awareness Scale (MISAS)

Authors: Erdoğdu F., Gökoğlu S., Kara M.

DOI: https://doi.org/10.1108/OIR-04-2020-0129
Added: 2021

Name: Security Behavior Intentions Scale (SeBIS)

Authors: Egelman S., Peer E.

DOI: https://doi.org/10.1145/2702123.2702249
Added: 2015

Name: SABS ISO/IEC 17799 Scale with Focus on Hospitals (SIIS)

Authors: Aksu P. K., Kitapçi N. Ş., Çatar R. Ö., Mumcu G.

DOI: https://www.cabidigitallibrary.org/doi/full/10.5555/20163074395
Added: 2015

Name: Cyber Security Awareness Scale Based on Recommendation of ENISA and the U.S. HHS (CSAS)

Authors: Hyla, Tomasz, Fabisiak, Luiza

DOI: http://hdl.handle.net/10125/64215
Added: 2020

Name: End-User Security Attitudes Scale (SA-6)

Authors: Faklaris C., Dabbish L., Hong, J. I.

DOI: https://www.usenix.org/conference/soups2019/presentation/faklaris
Added: 2019

Name: Security Awareness Scale for Health Care Information Systems (SAS-HIPAA)

Authors: Mishra, S., Leone, G. J., Caputo, D. J., Calabrisi, R. R.

DOI: https://doi.org/10.48009/1_iis_2011_224-236
Added: 2011

Name: Hospital Staff’s Risky Cybersecurity Practices Scales (RCSPS)

Authors: Fauzi, M. A., Yeng, P., Yang, B., Rachmayani, D.

DOI: https://doi.org/10.1145/3465481.3470094
Added: 2021

Catalogue titles.catalogue | MedISA

Four Measurement Scales (4-MS)

Authors: Öğütçü G., Testik Ö. M., Chouseinoglou O.

Publication Title: Analysis of personal information security behavior and awareness.

DOI: https://doi.org/10.1016/j.cose.2015.10.002

Date: 2016

Language of Items: English

Number of Items: 80

Reliability: Cronbach’s alpha = 0.9345

Validity: Content Validity

Mark the following questions according to your opinion.

Conservative Behavior Scale (CBS), Risky Behavior Scale (RBS), Exposure to Offence Scale (EOS): 5-point Likert scale with "Always" , "Often", "Usually", "Rarely", "Never".

Risk Perception Scale (RPS): 5-point Likert scale with "Too Dangerous", "Dangerous", "Less Dangerous", "Safe", "No idea"

Item
I use my corporate e-mail address for my personal businesses as well.
I try to use original (licensed) software in my computer.
I use programs like virus screening, spy software, etc.
I use programs as security wall, advertisement preventing programs.
I use content filtering programs.
I use e-mail filtering software.
I am informed about the activities online by using follow up software.
I review temporary Internet files and Internet history.
I delete temporary Internet files and Internet history before leaving a public computer.
I use password for my files.
I use complicated and long passwords that cannot be easily guessed for my accounts on the Internet.
I use electronic/mobile signature.
I generally used the favorites list while entering the Internet sites.
I have a password to turn on my computer.
I turn off the automatic use aspect of my computer.
I pay attention whether the web sites I visit have SSL certificate.
I often change my passwords.
I change my wireless modem password.
If I send the same message to more than one person, I use blind carbon copy (BCC).
I do regular updates on the programs I use.

Item
I have had trouble due to computer viruses.
I have experienced financial loss as a result of online shopping.
My credit card has been copied.
I have had trouble since I shared my personal information on the Internet.
I experienced financial loss since I used electronic banking.
My personal information has been shared with third parties/published on the Internet without my authorization.
My user name and password related with my accounts on the Internet were accessed.
I have been insulted or threatened on the Internet by people I do not know.
I have had loss due to gambling web sites.
I have had loss due to social network sites.
I have had loss due to friendship sites.
I have faced with websites with violence or pornographic content while surfing on the Internet out of my intention.
My files on my computer have been stolen /deleted.
Fake accounts have been on behalf of my name.
Correspondence I did on the Internet was viewed or saved by others out of my desire or knowledge.

Item
I use Messenger, GTalk, Skype and similar chat programs.
I use e-mail as a way of communication.
I become a member of e-mail groups on the Internet.
I use Facebook, Twitter and similar social network sites.
I have more than one e-mail addresses.
I accept invitations for applications sent on social networks.
I use online banking.
I do shopping on the Internet.
I use web sites that provide e-citizenship services (identity number inquiry, social security premiums etc.).
I play online games.
I download/save music, movies, programs and files.
I watch online videos/movies.
I share my contact information on the Internet when required (Cell number, email, address).
I share my personnel information on the Internet when required (First and last name, date of birth etc.).
I transfer files while chat.
I give access to the files on my computer.
I use online banking at places where there is Internet access for public.
I share my passwords with others.
I keep my passwords written in places that can easily be found.
I open e-mails from strangers, download attachments.

Item
Antivirus Software
Spy programs (Keylogger, Screenlogger,Trojan etc.)
File sharing programs (Ares, LimeWire etc.)
Mobile codes such as ActiveX, JavaScript etc.
Web search engines (Internet Explorer, Mozilla Firefox, Google Chrome etc.)
Chat programs (Messenger, etc.)
Undesired/ Spam / Junk e-mail
Online games
USB/External memory
MS Office applications (Word, Excel etc.)
Use of keyboard
Use of copy/pirated program
Downloading materials such as music/photo/movie without paying anything
Opening e-mails with advertising content
Use of online banking
Sharing chat / information with strangers online
Shopping online
Entering pornographic web sites
Entering gambling web sites
Becoming a member to social networks (Facebook, Twitter etc.)
Use of Bluetooth
Use of wireless modem
Loading money to phone on Internet
Use of unlicensed or free security program
Virus software

MedISA

Medical Centre Employee Centered Information Security Awareness

Catalogue

Four Measurement Scales (4-MS)

Instructions and response specifications

Measurement Scale

Conservative Behavior Scale (CBS)

Exposure to Offence Scale (EOS)

Risky Behavior Scale (RBS)

Risk Perception Scale (RPS)