richardk/iso27diy-corp
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
iso27diy-corp/Corpus/Information Security/Seven Dimensions of Security Culture.md

1.3 KiB
Raw Permalink Blame History

The Seven Dimensions of Security Culture

The Security Culture Survey measures the sentiments of your users towards security in your organization the psychological and social aspects that drive social behavior. Specifically, the SCS measures seven dimensions of security culture which include:

  • ATTITUDES - The feelings and beliefs that employees have toward the security protocols and issues.
  • BEHAVIOR - The actions and activities of employees that have direct or indirect impact on the security of the organization.
  • COGNITION - The employees understanding, knowledge and awareness of security issues and activities.
  • COMMUNICATION - The quality of communication channels to discuss security-related events, promote a sense of belonging, and provide support for security issues and incident reporting.
  • COMPLIANCE - The knowledge of written security policies and the extent that employees follow them.
  • NORMS - Unwritten expectations regarding appropriate behaviors pertaining to usage of information technology in organizational context, perception of what practices are normal and unproblematic.
  • RESPONSIBILITY - The employees perceived role as a critical factor in sustaining or endangering the security of the organization.

https://research.knowbe4.com/security-culture-survey