The overall information security culture average scores as well as individual statements for all four survey assessments were significantly more positive for employees who had read the information security policy compared with employees who had not. The overall information security culture also improved from one assessment to the next.
| Construct | Cites | Category | Questions given? | Content validity | Pretests | Response type | Notes |
|---|---|---|---|---|---|---|---|
| information security culture | Da Veiga, 2015 | no | none | none | 5-point Likert scale ranging from "strongly disagree" to "strongly agree" | ||
| information security awareness | Da Veiga, 2015 | no | none | none | 5-point Likert scale ranging from "strongly disagree" to "strongly agree" |
Adéle Da Veiga. Comparing the information security culture of employees who had read the information security policy and those who had not: Illustrated through an empirical study. Information and Computer Security, 24(2):139–151, June 2016. doi:10.1108/ICS-12-2015-0048.
@article{daveiga_comparing_2016,
author = {Da Veiga, Ad\'ele},
doi = {10.1108/ICS-12-2015-0048},
issn = {2056-4961},
journal = {Information and Computer Security},
language = {en},
month = {June},
number = {2},
pages = {139-151},
shorttitle = {Comparing the Information Security Culture of Employees Who Had Read the Information Security Policy and Those Who Had Not},
title = {Comparing the Information Security Culture of Employees Who Had Read the Information Security Policy and Those Who Had Not: {{Illustrated}} through an Empirical Study},
volume = {24},
year = {2016}
}