Drevin, LynetteKruger, HennieSteyn, Tjaart2017-01-162017-01-162006Drevin, L. et al. 2006. Value-focused assessment of information communication and technology security awareness in an academic environment. IFIP: International Federation for Information Processing, 201:448-453. (In Fischer-Hubner, S., Rannenberg, K., Yngstrom, L. & Lindskog, S., eds. Security and privacy in dynamic environments.) [https://doi.org/10.1007/0-387-33406-8_40]0-387-33406-8http://hdl.handle.net/10394/19777https://link.springer.com/chapter/10.1007%2F0-387-33406-8_40https://doi.org/10.1007/0-387-33406-8_40The aim of this paper is to introduce the approach of value-focused thinking when identifying information and communications technology (ICT) security awareness aspects. Security awareness is important to reduce human error, theft, fraud, and misuse of computer assets. A strong ICT security culture cannot develop and grow in a company without awareness programmes. How can personnel follow the rules when they don’t know what the rules are? [1] This paper focuses on ICT security awareness and how to identify key areas of concern to address in ICT security awareness programmes by making use of the value-focused approach. The result of this approach is a network of objectives where the fundamental objectives are the key areas of concern that can be used in decision making in security planningenBook chapter