MedISA
Medical Centre Employee Centered Information Security Awareness
Catalogue
As part of the MedISA research, various instruments for measuring Information Security Awareness have been compiled in a catalogue, which can be used for further research and practical applications. The compiled instruments provide evidence of reliability and validity; however, the scientific quality criteria vary. For more information, please refer to the associated publications.
Name: The Human Aspects of Information Security Questionnaire (HAIS-Q) DOI: https://doi.org/10.1016/j.cose.2017.01.004
Added: 2017
Added: 2017
Name: Simplified Information Security Awareness Scale (SISA) DOI: https://doi.org/10.3233/SHTI210248
Added: 2021
Added: 2021
Name: Information Security Attitude Questionnaire for Nurses (ISA-Q) DOI: https://doi.org/10.1002/nop2.1353
Added: 2022
Added: 2022
Name: Mobile Information Security Awareness Scale (MISAS) DOI: https://doi.org/10.1108/OIR-04-2020-0129
Added: 2021
Added: 2021
Name: Security Behavior Intentions Scale (SeBIS) DOI: https://doi.org/10.1145/2702123.2702249
Added: 2015
Added: 2015
Name: SABS ISO/IEC 17799 Scale with Focus on Hospitals (SIIS) DOI: https://www.cabidigitallibrary.org/doi/full/10.5555/20163074395
Added: 2015
Added: 2015
Name: Cyber Security Awareness Scale Based on Recommendation of ENISA and the U.S. HHS (CSAS) DOI: http://hdl.handle.net/10125/64215
Added: 2020
Added: 2020
Name: End-User Security Attitudes Scale (SA-6) DOI: https://www.usenix.org/conference/soups2019/presentation/faklaris
Added: 2019
Added: 2019
Name: Security Awareness Scale for Health Care Information Systems (SAS-HIPAA) DOI: https://doi.org/10.48009/1_iis_2011_224-236
Added: 2011
Added: 2011
Name: Hospital Staff’s Risky Cybersecurity Practices Scales (RCSPS) DOI: https://doi.org/10.1145/3465481.3470094
Added: 2021
Added: 2021
Security Behavior Intentions Scale (SeBIS)
Response Specification: Five-point Likert scale (Strongly disagree to Strongly agree)
| Item |
|---|
| I set my computer screen to automatically lock if I don’t use it for a prolonged period of time. |
| I use a password/passcode to unlock my laptop or tablet. |
| I manually lock my computer screen when I step away from it. |
| I use a PIN or passcode to unlock my mobile phone. |
| Item |
|---|
| I do not change my passwords, unless I have to. |
| I use different passwords for different accounts that I have. |
| When I create a new online account, I try to use a password that goes beyond the site’s minimum requirements. |
| I do not include special characters in my password if it’s not required. |
| Item |
|---|
| When someone sends me a link, I open it without first verifying where it goes. |
| I know what website I’m visiting based on its look and feel, rather than by looking at the URL bar. |
| I submit information to websites without first verifying that it will be sent securely (e.g., SSL, “https://”, a lock icon). |
| When browsing websites, I mouseover links to see where they go, before clicking them. |
| If I discover a security problem, I continue what I was doing because I assume someone else will fix it. |
| Item |
|---|
| When I’m prompted about a software update, I install it right away. |
| I try to make sure that the programs I use are up-to-date. |
| I verify that my anti-virus software has been regularly updating itself. |