{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,11,18]],"date-time":"2025-11-18T09:24:21Z","timestamp":1763457861914,"version":"3.28.0"},"reference-count":77,"publisher":"IEEE","license":[{"start":{"date-parts":[[2019,9,1]],"date-time":"2019-09-01T00:00:00Z","timestamp":1567296000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/ieeexplore.ieee.org\/Xplorehelp\/downloads\/license-information\/IEEE.html"},{"start":{"date-parts":[[2019,9,1]],"date-time":"2019-09-01T00:00:00Z","timestamp":1567296000000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-029"},{"start":{"date-parts":[[2019,9,1]],"date-time":"2019-09-01T00:00:00Z","timestamp":1567296000000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-037"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2019,9]]},"DOI":"10.1109\/nextcomp.2019.8883535","type":"proceedings-article","created":{"date-parts":[[2019,10,29]],"date-time":"2019-10-29T00:25:08Z","timestamp":1572308708000},"page":"1-6","source":"Crossref","is-referenced-by-count":8,"title":["An Analysis of Assessment Approaches and Maturity Scales used for Evaluation of Information Security and Cybersecurity User Awareness and Training Programs: A Scoping Review"],"prefix":"10.1109","author":[{"given":"Khangwelo","family":"Muronga","sequence":"first","affiliation":[]},{"given":"Marlein","family":"Herselman","sequence":"additional","affiliation":[]},{"given":"Adele","family":"Botha","sequence":"additional","affiliation":[]},{"given":"Adele","family":"Da Veiga","sequence":"additional","affiliation":[]}],"member":"263","reference":[{"key":"ref73","first-page":"0","article-title":"A Maturity model for hospital information systems","author":"carvalho","year":"2017","journal-title":"J Bus Res"},{"key":"ref72","doi-asserted-by":"publisher","DOI":"10.1109\/SAI.2015.7237313"},{"key":"ref71","doi-asserted-by":"publisher","DOI":"10.1109\/Kaleidoscope.2014.6858466"},{"key":"ref70","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2012.73"},{"key":"ref76","first-page":"1","article-title":"Soft design science methodology","author":"baskerville","year":"2014","journal-title":"Proc 4th Int Conf Des Sci Res Inf Syst Technol - DESRIST ’09"},{"key":"ref77","first-page":"1","article-title":"Evaluating an Artifact in Design Science Research’, Proc. 2015 Annu. Res. Conf. South African Inst. Comput","author":"herselman","year":"2015","journal-title":"Sci Inf Technol - SAICSIT ’15"},{"key":"ref74","doi-asserted-by":"publisher","DOI":"10.23919\/CISTI.2017.7975865"},{"key":"ref39","doi-asserted-by":"publisher","DOI":"10.1109\/I4CT.2015.7219569"},{"key":"ref75","doi-asserted-by":"publisher","DOI":"10.1016\/j.clsr.2015.01.005"},{"key":"ref38","first-page":"218","article-title":"Information Security Awareness Measurement with Confirmatory Factor Analysis","author":"brown","year":"2014"},{"key":"ref33","first-page":"606","article-title":"A systematic review of approaches to assessing cybersecurity awareness","volume":"52","author":"parsons","year":"2015","journal-title":"Comput Secur"},{"key":"ref32","doi-asserted-by":"publisher","DOI":"10.1016\/j.compedu.2008.06.011"},{"key":"ref31","doi-asserted-by":"crossref","first-page":"207","DOI":"10.1080\/19393550802492487","article-title":"Investigating Information Security Awareness?: Research and Practice Gaps Investigating Information Security Awareness?: Research and Practice Gaps","volume":"17","author":"karyda","year":"2008","journal-title":"nformation Secur J A Glob Perspect"},{"key":"ref30","doi-asserted-by":"publisher","DOI":"10.1002\/2327-6924.12380"},{"key":"ref37","doi-asserted-by":"publisher","DOI":"10.1109\/ICITST.2014.7038814"},{"key":"ref36","doi-asserted-by":"publisher","DOI":"10.1109\/ITNG.2014.67"},{"key":"ref35","doi-asserted-by":"publisher","DOI":"10.4018\/jisp.2012070102"},{"key":"ref34","doi-asserted-by":"publisher","DOI":"10.1108\/K-12-2014-0283"},{"key":"ref60","doi-asserted-by":"publisher","DOI":"10.1108\/09593841211254358"},{"key":"ref62","doi-asserted-by":"publisher","DOI":"10.1016\/j.istr.2011.12.002"},{"key":"ref61","doi-asserted-by":"publisher","DOI":"10.1108\/17542731111139455"},{"key":"ref63","doi-asserted-by":"publisher","DOI":"10.1016\/j.procs.2015.12.151"},{"key":"ref28","doi-asserted-by":"publisher","DOI":"10.1080\/1364557032000119616"},{"key":"ref64","doi-asserted-by":"publisher","DOI":"10.1007\/s11042-013-1727-y"},{"key":"ref27","doi-asserted-by":"publisher","DOI":"10.1016\/j.ijnurstu.2009.02.010"},{"key":"ref65","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2017.04.009"},{"key":"ref66","first-page":"44","article-title":"From Information Security Awareness to Reasoned Compliant Action’, ACM SIGMIS Database DATABASE Adv","volume":"48","author":"bauer","year":"2017","journal-title":"Inf Syst"},{"key":"ref29","doi-asserted-by":"publisher","DOI":"10.1016\/j.jclinepi.2014.03.013"},{"key":"ref67","first-page":"1","article-title":"Need for Information Security Policies Compliance?: A Perspective in Higher Education Institutions","author":"hina","year":"2017","journal-title":"Proc Int Conf Res Innovation Inf Syst"},{"key":"ref68","doi-asserted-by":"crossref","first-page":"335","DOI":"10.1016\/j.proeng.2011.11.2652","article-title":"An information security maturity evaluation mode","volume":"24","author":"ge","year":"2011","journal-title":"Procedia Eng"},{"key":"ref69","doi-asserted-by":"publisher","DOI":"10.1109\/FUZZY.2011.6007740"},{"key":"ref2","first-page":"1","article-title":"Computer and Internet use in the United States: 2013’, Am. Community Surv","volume":"28","author":"file","year":"2014","journal-title":"Reports"},{"journal-title":"Generations Online","year":"2009","author":"jones","key":"ref1"},{"key":"ref20","doi-asserted-by":"publisher","DOI":"10.4018\/jsds.2010100105"},{"key":"ref22","article-title":"Comparative Study of Cybersecurity Capability Maturity Models","volume":"155","author":"calvo-manzano","year":"2017","journal-title":"September"},{"key":"ref21","doi-asserted-by":"publisher","DOI":"10.17705\/1CAIS.02927"},{"key":"ref24","doi-asserted-by":"publisher","DOI":"10.1053\/apmr.2002.34286"},{"key":"ref23","doi-asserted-by":"publisher","DOI":"10.1037\/0021-9010.71.2.232"},{"key":"ref26","doi-asserted-by":"publisher","DOI":"10.1002\/jrsm.1123"},{"key":"ref25","first-page":"534","article-title":"Naturalistic Driving Studies?: the Effectiveness of the Methodology in Monitoring Driver Behaviour","author":"muronga","year":"2017"},{"key":"ref50","doi-asserted-by":"publisher","DOI":"10.1109\/ICEEI.2017.8312399"},{"key":"ref51","first-page":"193","article-title":"A Framework for an Effective Information Security Awareness Program in Healthcare A Case Study of Computer Game in Hospital Universiti Kebangsaan Malaysia","volume":"8","author":"ghazvini","year":"2017","journal-title":"Ijacsa Int J Adv Comput Sci Appl"},{"key":"ref59","doi-asserted-by":"publisher","DOI":"10.19030\/rbis.v15i3.5398"},{"key":"ref58","doi-asserted-by":"publisher","DOI":"10.1109\/ISSA.2011.6027524"},{"key":"ref57","doi-asserted-by":"publisher","DOI":"10.1109\/ISSA.2011.6027505"},{"key":"ref56","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2009.12.005"},{"key":"ref55","doi-asserted-by":"publisher","DOI":"10.1109\/ARES.2010.27"},{"key":"ref54","doi-asserted-by":"publisher","DOI":"10.1108\/09685221011095236"},{"key":"ref53","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2017.08.001"},{"key":"ref52","doi-asserted-by":"publisher","DOI":"10.1109\/REW.2017.47"},{"key":"ref10","first-page":"125","article-title":"Evaluating Cyber Security Awareness in South Africa","author":"grobler","year":"2011","journal-title":"10th Eur Conf Warf Secur"},{"journal-title":"Cyber security and global interdependence what is critical? Chatham House","year":"2013","author":"clemente","key":"ref11"},{"key":"ref40","doi-asserted-by":"publisher","DOI":"10.1145\/2837185.2837237"},{"key":"ref12","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2011.10.007"},{"key":"ref13","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2013.12.003"},{"key":"ref14","doi-asserted-by":"publisher","DOI":"10.1016\/j.chb.2016.11.065"},{"key":"ref15","doi-asserted-by":"publisher","DOI":"10.1145\/1027802.1027882"},{"key":"ref16","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2006.02.008"},{"key":"ref17","doi-asserted-by":"publisher","DOI":"10.1145\/2535813.2535823"},{"key":"ref18","first-page":"119","article-title":"Types of Evaluation","author":"salabarr\u00eda-pe\u00f1a","year":"2007","journal-title":"Pract use Progr Eval among Sex Transm Dis programs"},{"year":"2018","key":"ref19","article-title":"Program Evaluation and Performance Measurement at the EPA"},{"first-page":"38","article-title":"Internet for All A Framework for Accelerating Internet Access and Adoption","year":"2016","key":"ref4"},{"key":"ref3","first-page":"1","author":"baller","year":"2016","journal-title":"The Global Information Technology Report 2016"},{"key":"ref6","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2015.01.002"},{"key":"ref5","doi-asserted-by":"publisher","DOI":"10.1109\/ES.2014.66"},{"key":"ref8","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2013.04.004"},{"key":"ref7","first-page":"92","article-title":"ISO\/IEC 27000, 27001 and 27002 for Information Security Management","volume":"4","author":"georg","year":"2013","journal-title":"J Inf Secur"},{"key":"ref49","doi-asserted-by":"publisher","DOI":"10.1016\/S1361-3723(15)30046-4"},{"key":"ref9","doi-asserted-by":"publisher","DOI":"10.1016\/j.istr.2010.04.004"},{"key":"ref46","doi-asserted-by":"crossref","first-page":"83","DOI":"10.1016\/j.cose.2015.10.002","article-title":"Analysis of personal information security behavior and awareness","volume":"56","author":"\u00f6?\u00fct\u00e7\u00fc","year":"2016","journal-title":"Comput Secur"},{"key":"ref45","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2010.08.001"},{"key":"ref48","doi-asserted-by":"publisher","DOI":"10.1109\/SAI.2016.7556102"},{"key":"ref47","doi-asserted-by":"publisher","DOI":"10.1016\/S1361-3723(16)30073-2"},{"key":"ref42","doi-asserted-by":"publisher","DOI":"10.3127\/ajis.v21i0.1697"},{"key":"ref41","doi-asserted-by":"publisher","DOI":"10.1080\/19393555.2015.1051676"},{"key":"ref44","doi-asserted-by":"publisher","DOI":"10.1109\/SKIMA.2016.7916253"},{"key":"ref43","doi-asserted-by":"crossref","first-page":"4","DOI":"10.1016\/S1353-4858(15)30035-0","article-title":"Building an Information Security Awareness Program","volume":"2015","author":"gardner","year":"2015","journal-title":"Netw Secur"}],"event":{"name":"2019 Conference on Next Generation Computing Applications (NextComp)","start":{"date-parts":[[2019,9,19]]},"location":"Mauritius","end":{"date-parts":[[2019,9,21]]}},"container-title":["2019 Conference on Next Generation Computing Applications (NextComp)"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/8882365\/8883436\/08883535.pdf?arnumber=8883535","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,7,19]],"date-time":"2022-07-19T20:23:01Z","timestamp":1658262181000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/8883535\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019,9]]},"references-count":77,"URL":"https:\/\/doi.org\/10.1109\/nextcomp.2019.8883535","relation":{},"subject":[],"published":{"date-parts":[[2019,9]]}}}