This paper presents the development of a framework for evaluating group behaviour in information security in practice. Information security behavioural threshold analysis is employed as the theoretical foundation for the proposed framework. The suitability of the proposed framework is evaluated based on two sets of qualitative measures (general frameworks and information security frameworks) which were identified from literature. A novel conceptual mapping of the two sets of evaluation measures is presented and used to evaluate the proposed framework. The successful evaluation of the proposed framework, guided by the identified evaluation measures, is presented in terms of positive practical applications, as well as positive peer review and publication of the underlying theory.