The use of an information security vocabulary test to assess information security awareness: an exploratory study

Abstract

The dependence on human involvement and human behavior to protect information assets makes it necessary to have an information security awareness program to make people aware of their roles and responsibilities towards information security. The aim of this paper is to examine the feasibility of an information security vocabulary test as an aid to assess awareness levels and to help with the identification of suitable areas or topics to be included in an information security awareness program. The use of such a vocabulary test is illustrated and results obtained suggest that information security awareness vocabulary tests are useful and should be considered when planning and developing an information security awareness program