The Human Aspects of Information Security and Assurance (HAISA) symposium specifically addresses information security issues that relate to people. It concerns the methods that inform and guide users' understanding of security, and the technologies that can benefit and support them in achieving protection. This book represents the proceedings from the 2009 event, which was held in Athens, Greece. A total of 11 reviewed and 2 invited papers are included, spanning a range of topics including the communication of risks to end-users, user-centred security in system development, and technology impacts upon personal privacy. All of the papers were subject to double-blind peer review, with each being reviewed by at least two members of the international programme committee.