Evaluating readability as a factor in information security policies

Alkhurayyif, Yazeed and Weir, George R S (2017) Evaluating readability as a factor in information security policies. International Journal of Trend in Research and Development. pp. 54-64. ISSN 2394-9333 (http://www.ijtrd.com/ViewFullText.aspx?Id=14635)

[thumbnail of Alkhurayyif-Weir-IJTRD-2017-Evaluating-readability-as-a-factor-in-information-security-policies]
Text. Filename: Alkhurayyif_Weir_IJTRD_2017_Evaluating_readability_as_a_factor_in_information_security_policies.pdf
Final Published Version

Download (431kB)| Preview


Researchers have designed a number of software readability metrics that evaluate how difficult a passage is to comprehend; yet, little is known about the impact of readability on the interpretation of information security policies (ISPs) and whether experiment of readability may prove to be a useful factor. This paper examines and compares eight ISP documents on nine mechanical readability formula results with outcomes from a human-based comprehension test. The primary focus is to identify if we might rely on a software readability measure for assessing the difficulty of a text document in the domain of Information Security Policies. Our results reveal that traditional readability metrics are ineffective in predicting the human estimation. Nevertheless, readability, as measured using a bespoke readability metric, may yield useful insight upon the likely difficulty that end-users face in comprehending an ISP document. Thereby, our study aims to provide a means to enhance the comprehensibility of ISPs.