Information Security Policy Usability Scale: A Questionnaire for Evaluating the Usability of Information Security Policies

Effective information security policies are crucial for organisations to mitigate information security threats and risks. However, poorly designed information security policies can lead to hidden costs and decreased compliance in daily work routines. While behavioural factors like social norms, positive attitudes, and knowledge are well known to influence compliance, the usability of information security policies, which takes the context of use seriously, remains understudied,. To address this, we introduce the Information Security Policy Usability Scale (ISPUS), an adaptation of the widely recognised System Usability Scale (SUS). ISPUS assesses the usability of information security policies. Thereby, it supports both companies and works councils in ensuring the fit of the work context, individual skills, tools and the policy. By applying ergonomic principles, ISPUS aims to enhance information security policy design and support organisational security efforts.

Lawo, Dennis; Stevens, Gunnar (2024): Information Security Policy Usability Scale: A Questionnaire for Evaluating the Usability of Information Security Policies. Mensch und Computer 2024 - Workshopband. DOI: 10.18420/muc2024-mci-ws13-135. Gesellschaft für Informatik e.V.. MCI-WS13: Workshop Mensch-Maschine-Interaktion in sicherheitskritischen Systemen. Karlsruhe. 1.-4. September 2024

DOI

10.18420/muc2024-mci-ws13-135

Sammlungen

Workshopband MuC 2024

Komplettanzeige

Information Security Policy Usability Scale: A Questionnaire for Evaluating the Usability of Information Security Policies

Volltext URI

Dokumententyp

Dateien

Zusatzinformation

Datum

Autor:innen

Zeitschriftentitel

ISSN der Zeitschrift

Bandtitel

Quelle

Verlag

Zusammenfassung

Beschreibung

Schlagwörter

Zitierform

DOI

Tags

Sammlungen