AERODROM security climate: development and validation of the aerodrome security climate questionnaire (ADSECQ)

Large numbers of passengers and large amounts of goods are transported by air every year. This attracts the interest of terrorists, which poses high demands on aerodrome security. Technological solutions, and rules and regulations, have been widely implemented to detect security threats, but there is also a need for leading security indicators. Safety culture and climate have been identified as such leading indicators. The aim of this study was to develop and test a questionnaire instrument to measure aerodrome security climate. The development contained an expert focus group, expert panel, two pilot tests at four and five airports, respectively, and one full-scale study at nine Swedish commercial airports. The final instrument comprised 12 dimensions grounded in previous safety culture and climate research, and targeting three organizational levels. It had good psychometric properties and was validated against compliant as well as participative security behavior. We believe ADSECQ is suitable to evaluate the aerodrome security climate standard, pinpoint security climate areas for improvement, and evaluate the effect of interventions.


Introduction
Aerodromes are complex socio-technical systems comprising many different type organizations and actors (Kirschembaum, 2015), providing a variety of services to a large number of people and freighting large amounts of goods. Globally, nearly 3.1 billion air passengers were transported in 2013 (Gillen & Morrison, 2015). Since then, the number has increased (ACI, 2019) and is predicted to increase further (Bongiovanni & Newton, 2019). This poses high demands on aviation safety and security, which for some decades have been focal development areas in the aviation industry. Aviation safety and security has largely been managed reactively, based on the analysis of accidents and their causes (Oster, Strong, & Zorn, 2013) and security attacks (Klenka, 2019), but the need to find proactive approaches to improve aviation safety and security has been increasingly acknowledged (e.g. Oster et al., 2013). With this came the need to find leading, rather than lagging safety indicators, and develop methodology for proactive analysis and management of aviation safety (Bongiovanni & Newton, 2019) and security (Klenka, 2019).

Security in aviation
A fair amount of research interest over a number of years has been devoted to aviation safety, but research on aviation security developed later. While safety refers to preventing and mitigating risks leading to accidents generally originating in acts not intended to cause harm, security regards the protection against negative events originating from intentions to achieve malicious goals. The International Civil Aviation Organization (ICAO) defines aviation security as safeguarding international civil aviation against acts of unlawful interference (ICAO, 2017). According to ICAO, aviation security arose as a serious issue in the late 1960s, but provisions for international aviation security were first disseminated as Annex 17 to the Chicago Convention in 1974 (ICAO, 2017). Since then, and particularly from the 1990's, technological solutions have been widely implemented in terms of screening of passengers, baggage, and aerodrome employees, as well as securing restricted areas and terminal buildings and facilities (Adey, 2003;Gillen & Morrison, 2015;Kirschembaum, 2015;Salter, 2008). In addition, local security rules, regulations, and international standards (ICAO, 2017) have been implemented in aerodromes, aimed at detecting and eliminating threats to security. But technical solutions and formal systems seldom per se create sufficient security (Kirschembaum, 2015). The effectiveness of procedures and regulations depends on how they are put into practice. Employees do not always act in accordance with rules and regulations, and there may be several reasons for this (Bongiovanni & Newton, 2019). Employees are sometimes forced to make security related decisions in real time, in non-routine situations that may challenge their capacity to comply (Kirschembaum, 2015;Kirschenbaum, Mariani, Van Gulijik, Rapaport, & Lubasz, 2012). Atak and Kingma (2011) identified a paradoxical relationship between aviation safety and economic interests in an aircraft maintenance organization. Demands for a high aerodrome security level may also conflict with high efficiency or even with aviation safety (Pettersen & Björnskau, 2015). Such dilemma situations place high demands on the employees' ability to evaluate risks and prioritize wisely. Eng and Sullivan (2018) argue that the aerodrome employees should be enabled to "do the right thing rather than the easy thing" (Eng & Sullivan, 2018, p. 232), and that accountability, professionalism, and discipline, but also integrity and empowerment are important prerequisites. Formal information channels are important for security decision making in airport work, but informal group communication has also been shown to be an important source of information for such decisions (Kirschenbaum et al., 2012). Development work focusing on organizational and social factors is therefore called for to further strengthen aerodrome security.

Organizational safety culture and climate
The organizational safety culture or safety climate are considered leading indicators of organizational safety, which enable the organization to identify weaknesses and proactively develop safety (Falbruch & Wilpert, 1999;Flin, 1998;Flin, Mearns, O'Connor, & Bryden, 2000). Safety culture and climate are specific aspects of the more general organizational culture and climate (Guldenmund, 2000). In a comprehensive review of organizational culture and climate research, Schneider and colleagues integrated the numerous definitions of organizational culture as follows: "Culture is defined as the shared values and basic assumptions that explain why organizations do what they do and focus on what they focus on; it exists at a fundamental, perhaps preconscious, level of awareness, is grounded in history and tradition and is a source of collective identity and commitment" (Schneider, González-Roma, Ostroff, & West, 2017, p. 1-2). Organizational climate is generally considered a more temporal off-print of the organizational culture and was defined by the same authors as "a summary perception derived from a body of interconnected experiences with organizational policies, practices and procedures […] and observations of what is rewarded, supported, and expected in the organization" (Schneider et al., 2017, p. 1). Schneider and colleagues also stated that these summary perceptions become meaningful and shared through the interactions of people within the organization. Schneider (1975) suggests that the organizational climate provides psychologically meaningful descriptions of the organizational settings, a frame of reference for the employees, and a drive to attain congruence in their own behavior (Schneider, 1975). Schneider also suggests that the study of organizational climate, to be meaningful, should be domain specific and directed toward specific outcomes, such as e.g. safety. Organizational safety climate has been defined as workgroup members' shared perceptions of policy, procedures, and practice in relation to safety in the organization (Neal & Griffin, 2002;Zohar, 1980). In a workgroup where the shared safety climate is high, one may thus expect higher levels of safety behaviour and lower rates of safety negative events than in groups where the safety climate is low. There is strong empirical support for such a positive influence of several types of domain specific organizational climates on their respective outcomes, such as occupational safety (Beus, Payne, Bergman, & Arthur, 2010;Christian, Bradley, Wallace, & Burke, 2009;Glendon, 2008;Kuenzi & Schminke, 2009;Larsson-Tholén, Pousette, & Törner, 2013;Larsson, Pousette, & Törner, 2008), patient safety in healthcare (Kuenzi & Schminke, 2009;Neal & Griffin, 2006;Zohar, Livne, Tenne-Gazit, Admi, & Donchin, 2007), customer service (Schneider, 1990;Schneider, Bowen, Ehrhart, & Holcombe, 2000), and innovations (Anderson & West, 1998).
One of the first to define the essential aspects or dimensions of safety culture, Reason (1998), stated as the fundamental aspect, the ability of an organization to maintain a constant awareness that things may go wrong, or "not forgetting to be afraid" (Reason, 1998, p. 195). According to Reason, the ability to pick up weak signals of emerging risks relies on management being well informed and acquiring rich information from all parts and levels of the organization. Social support for employees to report errors and near-misses is therefore an important dimension of a good safety culture. Employees' propensity to report errors is, in turn, reliant on the their trust that the rapporteur will be treated fairly by managementa just culture (Reason, 1998). The ability of the organization to flexibly respond and adjust, based on the information acquired, and to learn from previous experience are other essential dimensions of a good safety culture (Reason, 1998). Since the organizational climate is based on observations of what is rewarded, supported, and expected in the organization (Schneider et al., 2017), the management's behaviour offers significant cues. This is confirmed by the large body of research on occupational safety climate identifying employees' shared perceptions of management priority of and commitment to safety as the most essential dimension of occupational safety climate (Beus et al., 2010;Christian et al., 2009;Flin et al., 2000;Seo, Torabi, Blair, & Ellis, 2004), something which has also been found in aviation safety research (Kao, Stewart, & Lee, 2009).
Although few studies have presented reliable results on the effect of aviation safety climate on aviation safety, such a positive relationship has been supported. Goodheart and Smith (2014) identified only four studies, among employees in flight operations, aircraft maintenance or aircraft ground handling and service, with sufficient quality to be included in a meta-analysis. With the reservation that studies with positive results are more likely to be published, which may compromise the credibility of a metaanalysis, particularly when based on so few studies, they concluded that there was a statistically significant moderate positive relation between aviation safety climate and safety performance (Goodheart & Smith, 2014).
To our knowledge, however, no questionnaire instrument to evaluate aerodrome security climate has been developed, psychometrically evaluated and presented in the research literature, and the role of security climate in relation to aerodrome security has not been investigated. Such questionnaire instruments could enable the measurement of the aerodrome security climate status and be used to evaluate the effect of intervention efforts targeting aerodrome security. They could also be used to monitor the effect on aerodrome security climate of different types of organizational change.

Aim of the present study
The aim of the present study was to develop and evaluate a questionnaire instrument to measure aerodrome security climate. In analogy with safety climate (Neal & Griffin, 2002;Zohar, 1980), we defined aerodrome security climate as shared perceptions among the members of a social unit, of policies, procedures and practices, in relation to aerodrome security. Also in analogy with safety climate (Cheyne, Cox, Oliver, & Tomas, 1998;Zohar, 2000), we suggest that it provides a measure of employees' perceptions of how aerodrome security is operationalized and prioritized by management and workgroup members, respectively at a particular moment in time.

Development principles for the questionnaire
The development work was based on a several design criteria. The questionnaire Aerodrome Security Climate Questionnaire (ADESCQ), should be based on organizational climate theory and empirical data. Reliability and validity should be ensured through a thorough development process in three phases: item generation, scale development, and scale evaluation (Schwab, 1980). In order to be suitable for comparative studies between aerodromes and groups within organizations, the questionnaire should be found reliable and valid at different aerodromes, and able to discriminate between organizations and workgroups. It should be suitable for research purposes as well as for practical purposes to evaluate the security climate standard, pinpoint security climate areas for improvement, and to evaluate the effect of security climate interventions. Schneider (1975) emphasized three principles regarding the study of organizational climate; A) the level of abstraction; B) the level of affection; and C) the level of analysis. These three principles guided the ADSECQ design.
Level of abstraction Although organizational climate is based on perceptions of organizational policies, procedures and practice it does not provide actual descriptions of such conditions, but of the shared interpretation of the meaning of those. A design criterion for ADSECQ was therefore that the questionnaire scales should capture generalized perceptions of workplace conditions.
Level of affection Organizational climate is a collectively shared social construct. Perceptions of organizational conditions may well be shared within an organizational unit, while affective evaluations of such conditions are basically individual. Therefore, measures of organizational climate should be based on perceptions of organizational conditions, not the respondents' attitudes towards these. This was decided as a design criterion for the ADSECQ questionnaire.
Level of analysis According to organizational climate theory, perceptions of policy, procedures and practices are collectively interpreted in the workgroup, through communication and social interaction. In this manner, members of a workgroup create shared theories on how the world is ordered. The level of theory is thus the organizational unit. Data should therefore both capture the collective phenomenon and be analyzed at this level. Since organizational climate measures generally use the individual as the data source, the questionnaire items should therefore have a referent-shift format, as recommended by Glisson and James (2002). This implies that the items should be worded so that the respondent is requested to answer as an observer and rapporteur of phenomena at the group or organizational level. This was a design criterion for ADSECQ.
Other design criteria were that ADSECQ should capture a sufficient number of different sub-dimensions of aerodrome security climate to be able to represent adequately this phenomenon. Further, previous research in occupational and patient safety indicate both the management and the workgroup as important sources of organizational climate evaluations (Kines et al., 2011;Pousette, Larsman, Eklöf, & Törner, 2017). Likewise, in a study of security at eight European airports, Kirschembaum (2015) found that security decisions were often group based and that co-workers influenced rule compliance. It was therefore decided as a design criterion, that the questionnaire should capture workgroup members' perceptions of management practice and priorities, but also practice and priorities among peers in their own workgroup. Finally, the questionnaire should include both negatively and positively worded items, to reduce the influence of stereotype response patterns (Podsakoff, MacKenzie, Lee, & Podsakoff, 2003).

Methods and participants
The scale development comprised three phases; item generation, scale development, and scale evaluation (Schwab, 1980), further described below. The development process involved staff in a variety of aerodrome security functions in two large organizations at three and four (phase one and two, respectively) and nine (phase three) government owned Swedish aerodromes, geographically well dispersed. The development work was performed in 2012-2015. The research team consisted of three senior researchers with a specialty in organizational psychology and safety climate and culture, and an expert in aerodrome safety and security.

Item generation; identification of important aspects of aerodrome security climate
Literature review and observations A review of the published literature and official documents on security in aviation was performed. Subsequently, the entire research team, guided by the aviation security expert in the team, made observations of the work in different security related functions at one aerodrome, and had the opportunity to speak to the employees. Based on these two development steps, six initial broad themes of aerodrome security were identified: reporting of negative events; rewards and sanctions for security related behaviors; responsibilities and perceived role legitimacy; organizational flexibility; workgroup cohesion and communication; and security education and training.
Focus group Eight persons, strategically selected from three different aerodromes, working in various aerodrome functions, and on different organizational levels, were invited to participate in the focus group. All accepted. The following personnel categories participated: one security manager, two aerodrome aviation safety managers, one manager of education and communication, one security coordinator, one security instructor, one representative from the consultant operative security company and one security screening operator. Before the interview, all participants gave their informed consent to participate. Two of the authors performed the focus group interview. The six initial broad themes of aerodrome security were presented as key words to the participants who were encouraged to bring up and discuss issues related to the themes as well as any additional relevant security related issue that emerged. The discussion was immediately vivid, did not deviate from the overall theme of aerodrome security, and the focus group leaders interfered as little as possible. The discussion was recorded and lasted for 1 h and 54 min.

Item generation; operationalization of the important aspects of aerodrome security climate
All research team members individually listened to the recorded interview and took notes, with the aim to refine the aerodrome security themes, identify subthemes that may be used to operationalize the important aspects of aerodrome security climate and generate tentative questionnaire items. The notes were then discussed within the entire research team, after which each team member individually presented their suggested subthemes by writing them down and posting on a whiteboard. Subthemes with a similar content were then ordered in categories or preliminary aerodrome security climate dimensions through discussions in the research team until consensus was reached. The dimensions were preliminarily named, in consensus. This procedure resulted in 13 preliminary dimensions that served as the basis for developing an item pool. Through this and two subsequent research team meetings a total of 190 items operationalizing the content of all categories were formulated in consensus.

Scale development; expert panel evaluation
To asses content validity, the intelligibility and relevance of the questionnaire dimensions and items, they were assessed by an aerodrome security expert panel. The panel members were also asked to consider if there were relevant aspects of aerodrome security that were not represented by the items. The panel consisted of one security operational team manager, one manager of education and communication, one security coordinator, one aerodrome aviation safety coordinator and one security screening operator (n = 5). The item pool was then revised based on the comments from the expert panel and reduced to a total of 167 items within 13 dimensions. Each dimension comprised 6-22 items, and 81 items were positively worded, 86 negatively. Items were formulated as statements concerning 3 different evaluation target levels: the aerodrome as a work place (24 items); the management of the company where the respondent was employed (44 items); and the workgroup (99 items).

Scale development; first pilot test
In order to refine the reliability and validity of the scales of the questionnaire, and reduce the number of items, two pilot tests were performed. In the first pilot test, a printed version of the first draft of the questionnaire was distributed to 324 security staff members working at four Swedish aerodromes. 135 respondents (42%) returned the questionnaire. Their age ranged from 21 to 66 years (M = 40.7, SD = 10.3), 70 (52%) were males, and 30 (22%) had a managerial position. The participants represented eight different workgroups working as security officers in command, security coordinators, patrolling guards and security screeners.
The questionnaire consisted of the revised item pool of 167 items emanating from the expert panel evaluation, as described above. The response format was specified as six set response alternatives: completely disagree (1), − completely agree (6), with an additional option: I don't know. The latter was coded as internal missing data and excluded in the analyses.
Eight demographic variables were added, regarding the participants' company-, aerodrome-and team affiliation, current job title, years of experience in the same type of job, tenure within the organization, tenure in current team, gender and age and whether the respondent had a management position within the organization.
Based on the statistical analysis (described in chapter Statistical analysis, below) redundant items were excluded, some were reworded, and the hypothesized factor structure revised. The revised questionnaire included 16 dimensions, each comprising 4-9 items. The total number of items was 97, 52 positively and 45 negatively worded, evaluating the three targets: the aerodrome as a work place (3 dimensions, 18 items); organizational management (4 dimensions, 24 items); and workgroup (9 dimensions, 55 items).

Scale development; second pilot test
In the second pilot test, 275 questionnaires were distributed to security staff members (security officers in command, security coordinators, patrolling guards and security screeners) in 24 workgroups within in two companies at five Swedish commercial airports. Company 1 was the airport owner company and company 2 was subcontracted for aerodrome security work. The questionnaire was returned by 145 respondents (53%). Participants' mean age was 35.4 years (SD = 10.5), 75 (56%) were males and 21 (15.7%) had managerial positions.
The questionnaire consisted of the revised item pool of 97 items emanating from the first pilot study as described above, and the eight demographic variables. The response format was the same as in the first pilot study.
Based on the statistical analysis (described in chapter Statistical analysis, below) the number of items was reduced to 77, and the number of dimensions to 14. Fifteen items in three dimensions targeted the aerodrome as a work place; 20 items in four dimensions targeted the organizational management; and 42 items in seven dimensions targeted the workgroup. Two dimensions targeting the workgroup (workgroup integration in the organization, and workgroup preference for no blame) showed weak empirical support, but it was decided to keep these dimensions for further testing in the next phase.

Participants and procedure
The full-scale study was performed in April 2015. The questionnaire was distributed to 1043 security staff members in two companies at nine Swedish commercial aerodromes. Company 1 (n = 368) was the owner company and was represented at nine aerodromes, while company 2 (n = 675) was subcontracted for aerodrome security work and was represented at three of the aerodromes. The sample consisted of all staff within 55 work teams, performing as security officers in command, security coordinators, patrolling guards and security screeners. The questionnaire was distributed via e-mail to company 1, and in a paper version to company 2. Questionnaire distribution and data collection was performed by an external consulting company.
The questionnaire was based on the results from the second pilot study and thus consisted of 77 items hypothesized to measure 14 aerodrome security climate dimensions within the three evaluation targets. Within the target the aerodrome as a workplace, three dimensions were hypothesized: Security role clarity (5 items), Genuine and holistic security commitment (5 items), and Role legitimacy (5 items). Within the target organizational management, four dimensions were hypothesized: Management security priority (4 items), Trustworthy and committed security leadership (5 items), Empowerment (6 items), and Security justice (5 items). Within the target the workgroup, seven dimensions were hypothesized: Work-group security priority (8 items), Legitimacy of rules (6 items), Security awareness (6 items), Shared responsibility (6 items), Work-group integration in the organization (3 items), Learning and communication (7 items), and Workgroup preference for no blame (6 items).
Two security behavior scales, adapted from the occupational safety domain (Neal and Griffin, 2006), were included to validate the aerodrome security climate measure. Rule compliant security behavior was assessed by three items (Cronbach's alpha = .90, example item: "I use the correct security procedures for carrying out my job") and participative security behavior was assessed by three items (Cronbach's alpha = .82, example item: "I voluntarily carry out tasks or activities that help to improve aerodrome security").
As in the pilot tests, eight demographic variables were also included. The response format was specified as six set alternatives, as described above, from "completely disagree" (1) to "completely agree" (6), with an additional option, "I don't know. The option, "I don't know" was coded as internal missing data and excluded in the analyses.
In all, 605 persons (58%) in 55 workgroups responded (company 1: 224 persons (61%), company 2: 381 persons (56%)). The response rate at the different aerodromes was 40-70% in company 1, and 36-64% in company 2. The mean age of the participants was 37.1 years, (SD = 11.1) and 54% were males. The mean experience of present or similar work tasks was 7.8 years (SD = 7.6), the mean tenure at the present work site was 5.6 years (SD = 6.2), and the mean tenure in the present workgroup was 3.4 years (SD = 4.1).

Statistical analysis
Negatively worded items were reversed before further analysis. SPSS version 18 and AMOS version 18 were used for the analysis. For investigating the factor structure of the scales and reducing the number of items, both exploratory factor analysis, principal components analysis (PCA) with orthogonal rotation (varimax), and theoretically driven qualitative analysis were used during the scale development phase. Internal consistency reliability was assessed through Cronbach's alpha and comparisons between group means were performed with ANOVA. Confirmatory factor analysis (CFA), using maximum likelihood estimation in AMOS, evaluated the hypotheses about which items should load onto each security climate construct. Missing values were handled through the full information maximum likelihood estimation (FIML). The model chi-square and degrees of freedom are reported in the Results section, but due to the sensitivity of this statistics to large sample size, the model fit to the observed data was primarily assessed based on the Bentler comparative fit index (CFI), and the Steiger-Lind root mean square error of approximation (RMSEA). A CFI value greater than or equal to 0.90, and values of RMSEA below 0.08 were regarded as indicating a reasonable model fit (Kline, 2005). Intraclass correlation (ICC 1 ) (Schrout & Fleiss, 1979), i.e. the proportion of variance that was accounted for by the grouping structure, was estimated with the procedure VARCOMP in SPSS. Restricted maximum likelihood estimation was used. For each security climate variable, two-level models (individual and workgroup level) and three-level models (individual, workgroup, and aerodrome level) were estimated.

Item analysis
An initial inspection of the data from the full-scale study indicated some items with a tendency towards ceiling and floor effects, respectively. However, since a closer examination of the items showed that the full range of scale scores had been used in all scales, no items were excluded for such reasons.

Factor structure
Confirmatory factor analyses were performed separately for items with different targets: the aerodrome as a workplace, the organizational management, and the workgroup. For each target, two models were estimated. Model 1 was a model with a latent variable for each security climate dimension and questionnaire items as indicators of these latent variables in accordance with the structure established in the pilot studies. Free covariances were specified between the latent variables. Model 2 added a latent variable representing the instrument factor emanating from the reversed items. Thus, in this model each reversed manifest variable was influenced by two latent variables; (1) the conceptual latent variable representing the aerodrome security climate dimension and (2) a common "reversed item factor". The non-reversed items were influenced only by the conceptual latent variable.
In model 1, the evaluation target aerodrome as a work place comprised three latent variables representing the hypothesized security climate dimensions. The model fit was not fully acceptable (chi 2 = 579.0, df = 87, p < .001, CFI = .870, RMSEA = .097). After introduction of the reversed item factor as a latent variable (Model 2) the model fit was much improved (delta chi 2 = 248.6, delta df = 9, p < .001) and the fit was now acceptable (chi 2 = 330.4, df = 78, p < .001, CFI = .933, RMSEA = .073). Factor loadings were significant and sufficiently high for all items in all the three dimensions; Security role clarity (.42-.78), Genuine and holistic security commitment (.62-.71), and Role legitimacy (.60-.79). Thus, the factor structure established in the previous scale development phase was confirmed.
The third evaluation target, work group, initially consisted of seven dimensions. Analysis confirmed the preliminary results from pilot study 2, that the dimensions workgroup integration in the organization, and workgroup preference for no blame, should be discarded, and nine items excluded from further analysis. Another nine items were identified as redundant and were also excluded. Thus, the final model consisted of five latent variables, and 24 manifest variables. The model fit was not fully acceptable (chi 2 = 1302.4, df = 242, p < .001, CFI = .848, RMSEA = .085), but also here, introduction of the reversed item factor as a latent variable (Model 2) showed a much-improved fit (delta chi 2 = 488.7, delta df = 12, p < .001), and the fit was now acceptable (chi 2 = 813.7, df = 230, p < .001, CFI = .916, RMSEA = .065). Factor loading were significant and sufficiently high for all items in all dimensions, Workgroup security priority (.62-.79), Legitimacy of rules (.50-.80), Security awareness (.50-.80), Shared responsibility (.61-.83), and Learning and communication (.61-.74). Thus, this factor structure was confirmed.

The final questionnaire
After model-modifications based on the results as described above, the final version of the Aerodrome Security Climate Questionnaire (ADSECQ) comprised 59 items in 12 dimensions. A detailed presentation of the final ADSECQ scales and reliability of each scale is given in Table 1. The reliability was in the range .82-.89 and thus fully satisfactory for all scales. To examine any impact of the questionnaire distribution method, data from web-based and printed versions of the questionnaire were analyzed separately with regard to reliability. The reliability of the scales was similar in both cases, as shown by the Cronbach's alpha values of 0.82-0.89.for the web and 0.79-0.89 for the paper version. Descriptive statistics and correlations between the 12 dimensions are presented in Table 2, for the individual level as well as the group level based on aggregated data from 55 workgroups.
The climate dimensions were all positively related to each other, and the size was in most instances somewhat higher in the aggregated group level data. Standard deviations were lower in group level data than in individual level data.

Validity
The validity of the scales was assessed in several ways. The CFA models reported above supported the construct validity of the twelve security climate scales. Furthermore, each scale was investigated by ensuring unidimensionality in explorative factor analyses. All scales were unidimensional as shown by a clear 'knee' in the scree plot, and eigenvalues less than one for the second component (the Kaiser criterion).
The criterion validity of the scales for aerodrome security was analysed through their relations to the behaviour outcome variables. The results are shown in Table 2. Bivariate correlations were calculated at the individual level, and with data aggregated to the workgroup level. All climate dimensions showed significant positive relations with self-rated security rule compliance behaviour as well as participative security behaviour at the individual level. When aggregated to the workgroup level, some relations were not significant. However, all climate dimensions showed significant relations to either compliant or participative security behaviour also at the aggregated level.
One-way ANOVA with aerodrome as independent variable showed a significant F value for all scales, as did one-way ANOVA with workgroup as independent variable. This showed that all scales were able to discriminate between aerodromes as well as between workgroups.
The proportion of the total variance at different organizational levels is presented in Table 3. Based on two-level models, ICC 1 for the scales varied between 0.07 (workgroup priority of security) and 0.24 (empowerment). Three-level models partitioned the variance at the aerodrome, workgroup, and individual levels. For all dimensions with aerodrome or organizational management as the target of evaluation, the amount of variation was to a higher extent attributed to the aerodrome than to the workgroup. Three dimensions with the workgroup as the target of evaluation showed a higher amount of variation attributed to the workgroup than to the aerodrome.

Discussion
The aim of this study was to develop a reliable and valid questionnaire instrument to measure aerodrome security climate. The questionnaire should be based on organizational climate theory and empirical data acquired through a thorough psychometric development process. It should also allow comparative studies between aerodromes and groups within organizations. It should be suitable for research purposes as well as for practical purposes to evaluate the security climate standard, pinpoint security climate areas for improvement, and to evaluate the effect of security climate interventions. We consider that the final version of the Aerodrome Security Climate Questionnaire (ADSECQ) was shown to satisfy these criteria.
Looking at the dimensionality of aerodrome security climate in ADSECQ in the light of previous research validates the instrument. In numerous studies of occupational safety climate, management priority of and commitment to safety has been found the most essential dimension (Beus et al., 2010;Christian et al., 2009;Flin et al., 2000;Seo et al., 2004). This is reflected in the ADSECQ dimensions genuine and holistic security commitment (aerodrome level) and management security priority. Reason (1998) suggested that a constant awareness in the organization that things may go wrong is the foundation of a good safety culture. This is mirrored in the ADSECQ dimension workgroup security awareness. The management being well informed and acquiring rich information from all parts and levels of the organization, stated by Reason as an important prerequisite for such awareness, is reflected in the dimension workgroup learning and communication. Openness and a willingness to report errors requires the employees' trust that the rapporteur will be treated fairly by managementa just culture. This is reflected in the dimensions security justice, and trustworthy and committed security leadership.Value conflicts involving security are not uncommon in aerodrome work (Atak & Kingma, 2011;Pettersen & Björnskau, 2015), and the ability to handle such situations wisely requires employee integrity and empowerment (Eng & Sullivan, 2018). These aspects are represented in ADSECQ by the dimensions empowerment, and role legitimacy. The ability of the organization to flexibly respond and adjust in the light of new information, and to learn from previous experience, held forth by Reason as essential aspects of a good safety culture, are mirrored in the ADSECQ dimensions empowerment, and workgroup learning and communication. Finally, the co-workers as an important source of information giving normative guidance regarding how security should be valued and handled (Kirschembaum, 2015) is captured through five of the twelve dimensions, and particularly through the dimensions workgroup security priority, and shared responsibility.
As discussed above, main safety climate dimensions are mirrored in the ADSECQ security climate questionnaire. However, safety and security are in many aspects two different fields, where safety e.g. assumes that we all naturally want to avoid accidents, whereas security should always include an element of suspicion towards the coworkers and their good intentions. This suspicion could be expected to affect the climate of the workgroups in a security-specific manner. In line with this we have identified the following dimensions that are specific for security climate: role legitimacy, which concerns social acceptance for security screening of peers and managers; legitimacy of rules, which reflects the aspect of rules as a source of group conflicts; and security awareness, which highlights the attention to discern new potential threats.
The reliability of the ADSECQ scales was good both in the web and the paper version of the questionnaire, with Chronbach's alphas of 0.82-0.89, and each scale was found to be unidimensional.
According to theory, organizational climates are shared within the organizational unit, and a questionnaire measuring such climate must therefore be able to capture shared climate perceptions. The intraclass correlations (ICC 1 ) were acceptably high for all the ADSECQ scales. For all dimensions with aerodrome or organizational Table 2 Means, standard deviations, and bivariate correlations between the 12 ADSECQ scales of aerodrome security climate and two security behaviour variables, at the individual level and the workgroup level  Note. Individual level statistics (n = 488-587) are reported below the diagonal, and group level statistics based on aggregated data from 55 workgroups above the diagonal. All individual level correlations were significant at p < .001. Correlations at group level were significant at p < .05 except those marked with^(p > .05)

Table 3
Partitioning of the total variance on different organizational levels in two-level models (workgroup and individual) and three-level models (aerodrome, workgroup and individual .10 .07 Learning and communication .

23
.10 .16 management as the target of evaluation, the amount of variation was to a higher extent attributed to the aerodrome than to the workgroup, which further strengthens the validity of the ADSECQ scales.
To be meaningful and valid, an instrument to measure an organizational climate domain, such as aerodrome security climate, must also be able to discriminate one unit from another. Significant f-values in one-way ANOVA showed that ADSECQ discriminated between aerodromes as well as between workgroups at the same aerodrome.
All climate dimensions showed significant positive relations with self-rated security rule compliance behaviour as well as participative security behaviour, at the individual level. When aggregated to the workgroup level some relations were not significant, which may be explained by insufficient power, with N = 55 at the workgroup level. However, all climate dimensions showed significant relations to either compliant or participative security behaviour, aggregated to the workgroup level. This supports the validity of ADSECQ for aerodrome security.
Using both negatively and positively worded items may have the negative side effect of introducing an artificial instrument factor, where reversed and non-reversed items load in different components in exploratory factor analyses (Kines et al., 2011). The results lent support for such an instrument factor for all three evaluation targets. However, such an instrument factor can be modelled in confirmatory factor analysis, allowing proper testing of the conceptual structure. In the present study, the models fit was considerable improved when such an instrument factor was introduced in the model. We maintain that it is advisable to use both straight and reversed items for several reasons. First, personal response patterns introducing different kind of bias for straight and reversed items can, at least to some extent, be balanced out. Second, respondents will be forced to slow down, carefully read the questions and not speed through the questionnaire. Third, with the reversed items, stereotype response patterns can be identified and dealt with properly. With only straight items such patterns would pass unnoticed. ADSECQ offers a multi-level, multi-facetted instrument to measure aerodrome security climate. With its 12 dimensions, it captures a wide range of aerodrome security climate aspects, regarding three organizational levels, while the reasonable number of 59 items makes it useful, not only for research purposes but also for practical ones. We believe ADSECQ is suitable to evaluate the aerodrome security climate standard, pinpoint security climate areas for improvement, and evaluate the effect of security interventions or other types of organizational change.

Limitations
The studies reported in this paper were conducted in two companies only, and limited to Swedish aerodromes. We suggest that ADSECQ be tested in other and extended contexts to investigate the consistency of the factor structure and the generalizability of the instrument.
The outcome variables of security behaviour were self-rated by the respondents. It is therefore possible that common method bias (CMB) may have inflated the relations between security climate and security outcomes, and thus affected the criterion validity of ADSECQ. However, when the observations were aggregated to the workgroup level, which is less susceptible to be inflated by CMB, all scales were significantly related to either security compliance or participative security behaviour, or to both. Still, future studies validating the scales against external criteria variables are desirable.

Conclusions
With its good psychometric properties, and validity in relation to compliant as well as participative self-reported security behaviour ADSECQ offers a multi-level, multifacetted instrument to measure aerodrome security climate. The dimensions were derived inductively, through a focus group of experts on aviation security and safety from different airports, operating in different functions and at different organizational levels. With its 12 dimensions, ADSECQ captures a wide range of aerodrome security climate aspects, at three organizational levels. Aerodrome security climate is a novel area of research, but the validity of the ADSECQ dimensions was strengthened by the fact that they well represented the aspects of safety culture and climate that have been emphasized as essential in previous research, regarding other safety domains, e.g. occupational safety, and patient safety. The reasonable number of 59 items makes ADSECQ useful, not only for research purposes but also for practical ones. We believe ADSECQ is suitable to evaluate the aerodrome security climate standard, pinpoint security climate areas for improvement, and evaluate the effect of interventions.
Funding Open access funding provided by University of Gothenburg. This research was funded by the Swedish Transport Administration (grant no TRV 2015/99259) and Swedavia AB.

Compliance with ethical standards
Declarations of interest none.
Open Access This article is licensed under a Creative Commons Attribution 4.0 International License, which permits use, sharing, adaptation, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons licence, and indicate if changes were made. The images or other third party material in this article are included in the article's Creative Commons licence, unless indicated otherwise in a credit line to the material. If material is not included in the article's Creative Commons licence and your intended use is not permitted by statutory regulation or exceeds the permitted use, you will need to obtain permission directly from the copyright holder. To view a copy of this licence, visit http://creativecommons.org/licenses/by/4.0/.