testiranje kakovosti anketnega merskega inštrumenta
Abstract
Pri zagotavljanju informacijske varnosti v organizacijah pomembno vlogo igra človeški dejavnik, saj raziskave kažejo, da se večina zunanjih napadov in vdorov zgodi zaradi tveganih dejanj zaposlenih. S tega vidika je ključno, da se v organizaciji vzpostavi določena stopnja informacijske varnostne kulture, ki se nanaša na znanje, vedenje in druge aktivnosti zaposlenih o informacijski varnosti. Pomemben vidik predstavlja merjenje le-te, kar organizacijam omogoča časovno primerjavo ter zaznavanje šibkih točk v informacijskem vedenju zaposlenih, odpravljanje teh pomanjkljivosti pa se kaže v višji stopnji informacijske varnostne kulture. Ker gre za mlado in še dokaj neraziskano področje, izziv predstavlja predvsem ustrezna opredelitev in operacionalizacija pojma informacijske varnostne kulture kot konstrukta ter oblikovanje veljavnega in zanesljivega merskega inštrumenta, ki bi omogočal izpeljavo analize z relevantnimi vsebinskimi ugotovitvami. Cilj naloge je oceniti kakovost krajše različice merskega orodja CLTRe Toolkit za merjenje informacijske varnostne kulture. Metodološka analiza temelji na preverjanju različnih tipov veljavnosti in zanesljivosti ter oceni prileganja modela. Rezultati kažejo, da izbrani merski inštrument ne dosega zadovoljivih ocen veljavnosti in zanesljivosti. Predlagane izboljšave bodo pripomogle k preoblikovanju vprašalnika, ki bo v prihodnje ponovno metodološko testiran. Oblikovanje kvalitetnega merskega inštrumenta za merjenje informacijske varnostne kulture ima velik pomen za razvoj tega področja, saj bo med prvimi, ki bo omogočal izpeljavo vsebinsko relevantnih ugotovitev o stopnji informacijske varnostne kulture v organizaciji.
Keywords
informacijska varnostna kultura;merjenje;anketni vprašalnik;veljavnost;zanesljivost;Metodologija;Varnost podatkov;Vprašalniki;Diplomska dela;
Data
Language: |
Slovenian |
Year of publishing: |
2018 |
Typology: |
2.11 - Undergraduate Thesis |
Organization: |
UL FDV - Faculty of Social Sciences |
Publisher: |
[Š. Orehek] |
UDC: |
303.62:004(043.2) |
COBISS: |
35993181
|
Views: |
1535 |
Downloads: |
486 |
Average score: |
0 (0 votes) |
Metadata: |
|
Other data
Secondary language: |
English |
Secondary title: |
Information security culture: testing the quality of the survey measurement instrument |
Secondary abstract: |
In the assurance of information security in organizations, the human factor plays a major role, as research shows that most of the external attacks and intrusions occur due to the risky acts of employees. From this point of view, it is crucial for the organization to establish with its employees a certain level of information security culture that relates to knowledge, behaviour and other activities. An important aspect is the measurement, which enables organizations time comparison and to detect weak points in the information behaviour of employees, as eliminating these deficiencies reflects in a higher level of information security culture. Since this is a young and yet unexplored area, the challenge is primarily the appropriate definition and operationalization of the concept of the information security culture as a construct, as well as the formation of a valid and reliable measuring instrument that would enable the analysis to be carried out on the findings. The aim of this thesis is to evaluate the quality of the short version of the CLTRe Toolkit survey questionnaire for measuring the information security culture. The methodological analysis is based on the verification of different types of validity, reliability and the assessment of the models fit. The results show that the selected measurement instrument does not achieve satisfactory evaluation of validity and reliability. The proposed improvements will contribute to reconstruct the questionnaire in order to be methodologically tested once again. Creating a quality measuring instrument for the information security culture is of great importance for the development of this field, since it will be one of the first to enable the relevant content findings of the level of information security culture in the organization. |
Secondary keywords: |
Methodology;Data security;Questionnaires;Graduate theses; |
Type (COBISS): |
Bachelor thesis/paper |
Study programme: |
0 |
Embargo end date (OpenAIRE): |
1970-01-01 |
Thesis comment: |
Univ. v Ljubljani, Fak. za družbene vede |
Pages: |
51 str. |
ID: |
10977115 |