The utilization of information technology as a tool that is widely believed to facilitate business processes within organizations is inseparable from challenges related to information security threats. According to the 2024 cyber incident report issued by the National Cyber and Crypto Agency (BSSN), data exposure threats accounted for 58.34%, with most incidents originating from the government administration sector. Humans are considered the weakest link in information security; therefore, the primary effort to improve security can begin with measuring the level of security awareness. Among the various work units within BPKP, Pusinfowas, as the central information technology management unit, is considered an appropriate sample for evaluation and is expected to contribute to improving information security awareness across other units. This study employs the Human Aspects of Information Security Questionnaire (HAIS-Q) model to measure the level of information security awareness among employees at Pusinfowas. The HAIS-Q model consists of three dimensions—knowledge, attitude, and behavior—and seven focus areas: password management, email use, internet use, social media use, mobile device use, information handling, and incident reporting. The results indicate that employees’ information security awareness is at a “Good” level, with scores ranging between 80% and 100% across all HAIS-Q dimensions and focus areas.

government, HAIS-Q; information security awareness; information technology

R. Trimanadi and D. I. Sensuse, “Constraints Assessment in Implementation of Indonesian Government Enterprise Architecture: A Review,” in 2024 International Conference on Smart Computing, IoT and Machine Learning, SIML 2024, Institute of Electrical and Electronics Engineers Inc., 2024, pp. 145–149. DOI: 10.1109/SIML61815.2024.10578101.

T. Alharbi, “A Holistic Evaluation Model for Information Security Awareness Programs in Work Environment,” in Proceedings of the 2023 8th International Conference on Mobile and Secure Services, MobiSecServ 2023, Institute of Electrical and Electronics Engineers Inc., 2023. DOI: 10.1109/MobiSecServ58080.2023.10329041.

Badan Siber dan Sandi Negara, “Lanskap Keamanan Siber Indonesia 2024,” Jakarta, 2024.

Pusat Informasi Pengawasan, “Laporan Kinerja Triwulan 1 2025,” Jakarta, 2025.

R. Bisma, M. H. Negara, A. W. Purwita, B. Sisephaputra, and D. F. Suyatno, “Measurement of Information Security Awareness Level on using Free Wi-Fi in Coffee Shop,” in 2024 7th International Conference on Vocational Education and Electrical Engineering: Charting the Course of Artificial Technology in Sustainable Society, ICVEE 2024, Institute of Electrical and Electronics Engineers Inc., 2024, pp. 12–18. DOI: 10.1109/ICVEE63912.2024.10823691.

H. Chen, Y. Zhang, S. Zhang, and T. Lyu, “Exploring the Role of Gamified Information Security Education Systems on Information Security Awareness and Protection Behavioral Intention,” Educ. Inf. Technol. (Dordr)., Vol. 28, No. 12, pp. 15915–15948, Dec. 2023, DOI: 10.1007/s10639-023-11771-z.

A. Kavak, “Impact of Information Security Awareness on Information Security Compliance of Academic Library Staff in Türkiye,” ., Vol. 50, No. 5, Sep. 2024, DOI: 10.1016/j.acalib.2024.102937.

R. Rohan, D. Pal, J. Hautamäki, S. Funilkul, W. Chutimaskul, and H. Thapliyal, “A Systematic Literature Review of Cybersecurity Scales Assessing Information Security Awareness,” Heliyon, Vol. 9, No. 3, Mar. 2023, DOI: 10.1016/j.heliyon.2023.e14234.

Rosihan and A. N. Hidayanto, “Measurement of Employee Information Security Awareness: A Case Study at an Indonesian Correctional Institution,” in 2022 1st International Conference on Information System and Information Technology, ICISIT 2022, Institute of Electrical and Electronics Engineers Inc., 2022, pp. 318–323. DOI: 10.1109/ICISIT54091.2022.9872988.

V. A. Effendy, Y. Ruldeviyani, M. M. Rifa’i, V. A. Rahmatika, W. Nur’aini, and Y. P. Sagala, “Measurement of Employee Information Security Awareness on Data Security: A Case Study at XYZ Polytechnic,” in 2022 1st International Conference on Information System and Information Technology, ICISIT 2022, Institute of Electrical and Electronics Engineers Inc., 2022, pp. 272–276. DOI: 10.1109/ICISIT54091.2022.9873077.

F. N. Shakti and A. N. Hidayanto, “Measurement of Employee Information Security Awareness: Case Study At Financial Institution,” JITK (Jurnal Ilmu Pengetahuan dan Teknologi Komputer), Vol. 9, No. 2, pp. 172–179, Feb. 2024, DOI: 10.33480/jitk.v9i2.4163.

E. Kritzinger, A. Da Veiga, and W. van Staden, “Measuring Organizational Information Security Awareness in South Africa,” Information Security Journal, Vol. 32, No. 2, pp. 120–133, 2023, DOI: 10.1080/19393555.2022.2077265.

N. S. D. Atlanta, C. Candiwan, P. K. Sari, and O. O. Sharif, “Information Security Awareness Evaluation of Telemedicine Application Users using Human Aspect Information System Questionnaire,” in 2022 IEEE 8th International Conference on Computing, Engineering and Design, ICCED 2022, Institute of Electrical and Electronics Engineers Inc., 2022. DOI: 10.1109/ICCED56140.2022.10010445.

F. Nyimbili and L. Nyimbili, “Types of Purposive Sampling Techniques with Their Examples and Application in Qualitative Research Studies,” British Journal of Multidisciplinary and Advanced Studies, Vol. 5, No. 1, pp. 90–99, Feb. 2024, DOI: 10.37745/bjmas.2022.0419.

J. Zhen, K. Dong, Z. Xie, and L. Chen, “Factors Influencing Employees’ Information Security Awareness in the Telework Environment,” Electronics (Switzerland), Vol. 11, No. 21, Nov. 2022, DOI: 10.3390/electronics11213458.

S. C. Izah, L. Sylva, and M. Hait, “Cronbach’s Alpha: A Cornerstone in Ensuring Reliability and Validity in Environmental Health Assessment,” Mar. 01, 2024, Engineered Science Publisher. DOI: 10.30919/esee1057.

M. A. Rasyidin, A. Putri, M. D. Lestari, R. Nurnajmah, and D. A. Safaraz, “Analisis Kesadaran Mahasiswa dalam Menjaga Keamanan Data Pribadi pada Penggunaan Media,” Jurnal Teknik Informatika dan Teknologi Informasi, Vol. 5, No. 3, pp. 752–761, Dec. 2025, DOI: 10.55606/jutiti.v5i3.6583.

N. Gede, P. S. Ananda, G. Arna, J. Saskara, B. Gede, and K. Yudistira, “Analisis Kesadaran Keamanan Informasi Penggunaan Layanan M-Banking menggunakan Human Aspects of Information Security Questionnaire,” 2025. [Online]. Available: https://djournals.com/jieee

T. Ramadhan and B. Purwandari, “Analisis Tingkat Kesadaran Keamanan Informasi: Studi Kasus Pengguna Aplikasi Perbankan Digital di Indonesia Guna Mencegah Social Engineering,” Syntax Idea, Vol. 5, p. 86, Jan. 2023, DOI: 10.36418/syntax-idea.v5i1.2113.

D. A. Perkasa and B. Setiawan, “Measuring Information Security Awareness Level of High School Students,” MALCOM: Indonesian Journal of Machine Learning and Computer Science, Vol. 4, No. 4, pp. 1301–1308, Jul. 2024, DOI: 10.57152/malcom.v4i4.1461.