Aufgrund von Wartungsarbeiten steht JLUpub am 18.05.2026 von 8:00 Uhr bis vorraussichtlich 11:00 Uhr nicht zur Verfügung.
-----------------------------------------------------------------------------------------------------------------------------------------------------------------------
Due to maintenance work, JLUpub will be unavailable on 18 May 2026 from 8.00 am until approximately 11.00 am.

LISA: A Scale-Optimized and Psychometrically-Validated Instrument for the Lightweight Assessment of Organizational Information Security Awareness in Heterogeneous Organizations

Thumbnail Image

Files

Langer et al. - LISA A Scale-Optimized and Psychometrically-Validated Instrument for the Lightweight Assessment of.pdf (403.53 KB)

Date

2026

Authors

Advisors/Reviewers

Further Contributors

Contributing Institutions

Publisher

Journal Title

Journal ISSN

Volume Title

Publisher

License

In Copyright
In Copyright

Quotable link

https://doi.org/10.22029/jlupub-20830

Abstract

Human factors are central to an organization’s information security. Information Security Awareness (ISA) is a key construct in behavioral and organizational models explaining employees’ security compliance. However, existing ISA measures often lack theoretical grounding, psychometric rigor, and organizational relevance, or are too lengthy and complex for practical application. These shortcomings hinder empirical testing of behavioral models and the integration of ISA as a variable in organizational research. This paper introduces the Lightweight Information Security Awareness (LISA) scale – the first theory-based, psychometrically validated, and cross-language scale for efficiently assessing ISA in heterogeneous organizational contexts, balancing measurement precision with practical feasibility. Validation involved 1,182 participants from survey panels and 579 employees of a large German university hospital, representing a heterogeneous workforce. LISA demonstrates high internal consistency, measurement invariance across English and German, and strong construct and ecological validity. By correlating LISA with 11 enablers and barriers of organizational information security and differentiating it by a heterogeneous workforce in a hospital context, we demonstrate its ability to support both scientific investigations and practical assessments. LISA provides a quick, reliable, valid, and practical solution for measuring organizational ISA, ultimately offering researchers and practitioners without psychometric expertise a validated tool that is applicable in both behavioral models and everyday organizational environments.

Link to publications or other datasets

Description

Notes

Accepted for publication in: 2026 IEEE Symposium on Security and Privacy (SP).

Original publication in

Original publication in

Anthology

Collections

Zweitveröffentlichungen (grüner Weg)

URI of original publication

https://doi.ieeecomputersociety.org/10.1109/SP63933.2026.00174

Forschungsdaten

Series

Citation