{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,9]],"date-time":"2026-01-09T01:00:05Z","timestamp":1767920405139,"version":"3.49.0"},"reference-count":18,"publisher":"Emerald","issue":"5","license":[{"start":{"date-parts":[[2010,11,23]],"date-time":"2010-11-23T00:00:00Z","timestamp":1290470400000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.emerald.com\/insight\/site-policies"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2010,11,23]]},"abstract":"<jats:sec><jats:title content-type=\"abstract-heading\">Purpose<\/jats:title><jats:p>The dependence on human involvement and human behavior to protect information assets necessitates an information security awareness program to make people aware of their roles and responsibilities towards information security. The purpose of this paper is to examine the feasibility of an information security vocabulary test as an aid to assess awareness levels and to assist with the identification of suitable areas or topics to be included in an information security awareness program.<\/jats:p><\/jats:sec><jats:sec><jats:title content-type=\"abstract-heading\">Design\/methodology\/approach<\/jats:title><jats:p>A questionnaire has been designed to test and illustrate the feasibility of a vocabulary test. The questionnaire consists of two sections \u2013 a first section to perform a vocabulary test and a second one to evaluate respondents' behavior. Two different class groups of students at a university were used as a sample.<\/jats:p><\/jats:sec><jats:sec><jats:title content-type=\"abstract-heading\">Findings<\/jats:title><jats:p>The research findings confirmed that the use of a vocabulary test to assess security awareness levels will be beneficial. A significant relationship between knowledge of concepts (vocabulary) and behavior was observed.<\/jats:p><\/jats:sec><jats:sec><jats:title content-type=\"abstract-heading\">Originality\/value<\/jats:title><jats:p>The paper introduces a new approach to evaluate people's information security awareness levels by employing an information security vocabulary test. This new approach can assist management to plan and evaluate interventions and to facilitate best practice in information security. Aspects of cognitive psychology and language were taken into account in this research project, indicating the interaction and influence between apparently different disciplines.<\/jats:p><\/jats:sec>","DOI":"10.1108\/09685221011095236","type":"journal-article","created":{"date-parts":[[2010,11,27]],"date-time":"2010-11-27T07:10:14Z","timestamp":1290841814000},"page":"316-327","source":"Crossref","is-referenced-by-count":59,"title":["A vocabulary test to assess information security awareness"],"prefix":"10.1108","volume":"18","author":[{"given":"Hennie","family":"Kruger","sequence":"first","affiliation":[]},{"given":"Lynette","family":"Drevin","sequence":"additional","affiliation":[]},{"given":"Tjaart","family":"Steyn","sequence":"additional","affiliation":[]}],"member":"140","reference":[{"key":"key2022021720285102000_b1","doi-asserted-by":"crossref","unstructured":"Dhillon, G. (1999), \u201cManaging and controlling computer misuse\u201d, Information Management & Computer Security, Vol. 7 No. 4, pp. 171\u20105.","DOI":"10.1108\/09685229910292664"},{"key":"key2022021720285102000_b2","doi-asserted-by":"crossref","unstructured":"Furnell, S.M., Bryant, P. and Phippen, A.D. (2007), \u201cAssessing the security perceptions of personal internet users\u201d, Computers and Security, Vol. 26 No. 5, pp. 410\u201017.","DOI":"10.1016\/j.cose.2007.03.001"},{"key":"key2022021720285102000_b3","doi-asserted-by":"crossref","unstructured":"Kruger, H.A., Drevin, L. and Steyn, T. (2010), \u201cThe use of an information security vocabulary test to assess information security awareness \u2013 an exploratory study\u201d, in Clarke, N., Furnell, S. and von Solms, R. (Eds), Proceedings of the South African Information Security Multi\u2010Conference, Port Elizabeth, South Africa 17\u201018 May, Centre for Security, Communications & Network Research, University of Plymouth, Plymouth.","DOI":"10.1108\/09685221011095236"},{"key":"key2022021720285102000_b4","unstructured":"Maseti, O. and Pottas, D. (2006), \u201cA role\u2010based security awareness model for South African hospitals\u201d, Proceedings of the 6th Annual Information Security South Africa Conference, Sandton, South Africa, 5\u20107 July."},{"key":"key2022021720285102000_b5","unstructured":"Mullis, I.V.S., Martin, M.O. and Foy, P. (2005), IEA's TIMMS 2003, International Report on Achievement in the Mathematics Cognitive Domains, International Association for the Evaluation of Educational Achievement (IEA), Boston college, Boston, MA."},{"key":"key2022021720285102000_b6","unstructured":"Pentasafe Security Technologies (2002), Security Awareness Index Report: The State of Security Awareness among Organizations Worldwide, Pentasafe Security Technologies, Farnham."},{"key":"key2022021720285102000_b7","unstructured":"Pfleeger, C.P. and Pfleeger, S.L. (2007), Security in Computing, 4th ed., Prentice\u2010Hall, Upper Saddle River, NJ."},{"key":"key2022021720285102000_b8","unstructured":"PriceWaterhouseCoopers (2008), \u201cInformation security breaches survey\u201d, Technical report, available at: www.security\u2010survey.gov.uk (accessed 25 November 2009)."},{"key":"key2022021720285102000_b9","unstructured":"Robinson\u2010Riegler, G. and Robinson\u2010Riegler, B. (2008), Cognitive Psychology Applying the Science of Mind, Pearson, Boston, MA."},{"key":"key2022021720285102000_b10","unstructured":"Russel, S. and Norvig, P. (1995), Artificial Intelligence: A Modern Approach, Prentice\u2010Hall, Englewood Cliffs, NJ."},{"key":"key2022021720285102000_b11","unstructured":"SANS (2005), E\u2010mail Security Threats, SANS Institute InfoSec Reading Room, Bethesda, MA."},{"key":"key2022021720285102000_b12","unstructured":"Schlienger, T. and Teufel, S. (2003), \u201cInformation security culture \u2013 from analysis to change\u201d, South African Computer Journal, Vol. 31, pp. 46\u201052."},{"key":"key2022021720285102000_b13","unstructured":"Slater, A. and Bremner, G. (2005), An Introduction to Developmental Psychology, Blackwell, Padstow."},{"key":"key2022021720285102000_b15","unstructured":"van der Walt, M.S. (2008), \u201cAanpassing van die studie ori\u00ebntasievraelys in Wiskunde vir gebruik in die intermedi\u00eare fase\u201d, PhD dissertation, North\u2010West University, Potchefstroom."},{"key":"key2022021720285102000_b14","doi-asserted-by":"crossref","unstructured":"van der Walt, M.S., Maree, K. and Ellis, S. (2008), \u201cA mathematics vocabulary questionnaire for use in the intermediate phase\u201d, South African Journal of Education, No. 28, pp. 489\u2010504.","DOI":"10.15700\/saje.v28n4a210"},{"key":"key2022021720285102000_b16","unstructured":"van Niekerk, J.F. (2005), \u201cEstablishing an information security culture in organizations: an outcomes based education approach\u201d, M dissertation, Nelson Mandela Metropolitan University, Port Elizabeth."},{"key":"key2022021720285102000_b17","doi-asserted-by":"crossref","unstructured":"van Niekerk, J.F. and von Solms, R. (2004), \u201cCorporate information security education: is outcomes based education the solution?\u201d, paper presented at the 10th IFIP WG11.1 Annual Working Conference on Information Security Management, World Computer Congress (WCC), Toulouse.","DOI":"10.1007\/1-4020-8145-6_1"},{"key":"key2022021720285102000_b18","doi-asserted-by":"crossref","unstructured":"von Solms, R. (1998), \u201cInformation security management (3): the code of practice for information security management (BS7799)\u201d, Information Management & Computer Security, Vol. 6 No. 5, pp. 224\u20105.","DOI":"10.1108\/09685229810240158"}],"container-title":["Information Management &amp; Computer Security"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/www.emeraldinsight.com\/doi\/full-xml\/10.1108\/09685221011095236","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/www.emerald.com\/insight\/content\/doi\/10.1108\/09685221011095236\/full\/xml","content-type":"application\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/www.emerald.com\/insight\/content\/doi\/10.1108\/09685221011095236\/full\/html","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,7,25]],"date-time":"2025-07-25T00:09:20Z","timestamp":1753402160000},"score":1,"resource":{"primary":{"URL":"http:\/\/www.emerald.com\/ics\/article\/18\/5\/316-327\/179047"}},"subtitle":[],"editor":[{"given":"Steven M.","family":"Furnell","sequence":"first","affiliation":[]}],"short-title":[],"issued":{"date-parts":[[2010,11,23]]},"references-count":18,"journal-issue":{"issue":"5","published-print":{"date-parts":[[2010,11,23]]}},"alternative-id":["10.1108\/09685221011095236"],"URL":"https:\/\/doi.org\/10.1108\/09685221011095236","relation":{},"ISSN":["0968-5227"],"issn-type":[{"value":"0968-5227","type":"print"}],"subject":[],"published":{"date-parts":[[2010,11,23]]}}}