Abstract
This report covers the methodology of the Australian Business Assessment of Computer User Security (ABACUS) survey, including the survey instrument, sample design and selection, main data collection, and response rates. The ABACUS study was commissioned by the Australian Institute of Criminology (AIC) and involved undertaking a nationwide survey on computer security incidents against businesses. The survey defined a 'computer security incident' as 'any unauthorised use, damage, monitoring attack or theft of your business information technology'.