likert = Likert([

survey = [{"Question": "01. There are no passwords shared between people, in any environment", "ID": 0, "Response": "Neutral"}, {"Question": "02. There are no secrets or passwords in any source code", "ID": 1, "Response": "Strongly Agree"}, {"Question": "03. The software doesn't have any dependency on components/scripts downloaded from the internet at build time (PyPI, npm, Maven) - any dependencies are downloaded from an internal repository", "ID": 2, "Response": "Disagree"}, {"Question": "04. No part of the production or UAT software is built on a developer machine/laptop", "ID": 3, "Response": "Strongly Agree"}, {"Question": "05. The software deployment process is fully automated", "ID": 4, "Response": "Agree"}, {"Question": "06. Security of the software I work on is the responsibility of the security team", "ID": 5, "Response": "Agree"}, {"Question": "07. We have enough time to think about security when designing and implementing the software we work on", "ID": 6, "Response": "Neutral"}, {"Question": "08. Thinking about security and other failure scenarios is part of the software process", "ID": 7, "Response": "Agree"}, {"Question": "09. I know about the OWASP Top 10", "ID": 8, "Response": "Agree"}, {"Question": "10. The software I work on is not vulnerable to the current OWASP Top 10", "ID": 9, "Response": "Agree"}, {"Question": "11. I'm fully informed about the NIST SSDF", "ID": 10, "Response": "Agree"}, {"Question": "12. I'm empowered to report security concerns and the concerns are addressed", "ID": 11, "Response": "Strongly Agree"}, {"Question": "13. If I see a security problem, I can fix it there and then", "ID": 12, "Response": "Strongly Agree"}, {"Question": "14. I'll find out quickly if a vulnerability is discovered in an open-source component we use", "ID": 13, "Response": "Agree"}, {"Question": "15. Technical and security debt is regularly addressed", "ID": 14, "Response": "Agree"}, {"Question": "16. My team owns responsibility for the security of systems we write", "ID": 15, "Response": "Agree"}, {"Question": "17. When there are problems or incidents we use them as blame-free opportunities to identify where to improve processes and systems", "ID": 16, "Response": "Agree"}, {"Question": "18. I get regular time to spend on improving processes", "ID": 17, "Response": "Neutral"}, {"Question": "19. I know who to ask when I have a security question", "ID": 18, "Response": "Agree"}, {"Question": "20. I know where to look for applicable patterns or standards", "ID": 19, "Response": "Agree"}, {"Question": "21. I often ask for advice regarding security considerations or concerns.", "ID": 20, "Response": "Neutral"}, {"Question": "22. This was a relevant survey", "ID": 21, "Response": "Agree"}, {"Question": "01. There are no passwords shared between people, in any environment", "ID": 22, "Response": "Strongly Disagree"}, {"Question": "02. There are no secrets or passwords in any source code", "ID": 23, "Response": "Strongly Disagree"}, {"Question": "03. The software doesn't have any dependency on components/scripts downloaded from the internet at build time (PyPI, npm, Maven) - any dependencies are downloaded from an internal repository", "ID": 24, "Response": "Agree"}, {"Question": "04. No part of the production or UAT software is built on a developer machine/laptop", "ID": 25, "Response": "Strongly Agree"}, {"Question": "05. The software deployment process is fully automated", "ID": 26, "Response": "Strongly Disagree"}, {"Question": "06. Security of the software I work on is the responsibility of the security team", "ID": 27, "Response": "Strongly Disagree"}, {"Question": "07. We have enough time to think about security when designing and implementing the software we work on", "ID": 28, "Response": "Strongly Disagree"}, {"Question": "08. Thinking about security and other failure scenarios is part of the software process", "ID": 29, "Response": "Strongly Disagree"}, {"Question": "09. I know about the OWASP Top 10", "ID": 30, "Response": "Strongly Agree"}, {"Question": "10. The software I work on is not vulnerable to the current OWASP Top 10", "ID": 31, "Response": "Agree"}, {"Question": "11. I'm fully informed about the NIST SSDF", "ID": 32, "Response": "Strongly Disagree"}, {"Question": "12. I'm empowered to report security concerns and the concerns are addressed", "ID": 33, "Response": "Strongly Disagree"}, {"Question": "13. If I see a security problem, I can fix it there and then", "ID": 34, "Response": "Strongly Disagree"}, {"Question": "14. I'll find out quickly if a vulnerability is discovered in an open-source component we use", "ID": 35, "Response": "Strongly Disagree"}, {"Question": "15. Technical and security debt is regularly addressed", "ID": 36, "Response": "Strongly Disagree"}, {"Question": "16. My team owns responsibility for the security of systems we write", "ID": 37, "Response": "Strongly Disagree"}, {"Question": "17. When there are problems or incidents we use them as blame-free opportunities to identify where to improve processes and systems", "ID": 38, "Response": "Strongly Disagree"}, {"Question": "18. I get regular time to spend on improving processes", "ID": 39, "Response": "Strongly Disagree"}, {"Question": "19. I know who to ask when I have a security question", "ID": 40, "Response": "Disagree"}, {"Question": "20. I know where to look for applicable patterns or standards", "ID": 41, "Response": "Strongly Agree"}, {"Question": "21. I often ask for advice regarding security considerations or concerns.", "ID": 42, "Response": "Disagree"}, {"Question": "22. This was a relevant survey", "ID": 43, "Response": "Strongly Disagree"}, {"Question": "01. There are no passwords shared between people, in any environment", "ID": 44, "Response": "Strongly Disagree"}, {"Question": "02. There are no secrets or passwords in any source code", "ID": 45, "Response": "Agree"}, {"Question": "03. The software doesn't have any dependency on components/scripts downloaded from the internet at build time (PyPI, npm, Maven) - any dependencies are downloaded from an internal repository", "ID": 46, "Response": "Disagree"}, {"Question": "04. No part of the production or UAT software is built on a developer machine/laptop", "ID": 47, "Response": "Strongly Agree"}, {"Question": "05. The software deployment process is fully automated", "ID": 48, "Response": "Disagree"}, {"Question": "06. Security of the software I work on is the responsibility of the security team", "ID": 49, "Response": "Strongly Disagree"}, {"Question": "07. We have enough time to think about security when designing and implementing the software we work on", "ID": 50, "Response": "Agree"}, {"Question": "08. Thinking about security and other failure scenarios is part of the software process", "ID": 51, "Response": "Strongly Agree"}, {"Question": "09. I know about the OWASP Top 10", "ID": 52, "Response": "Agree"}, {"Question": "10. The software I work on is not vulnerable to the current OWASP Top 10", "ID": 53, "Response": "Neutral"}, {"Question": "11. I'm fully informed about the NIST SSDF", "ID": 54, "Response": "Strongly Disagree"}, {"Question": "12. I'm empowered to report security concerns and the concerns are addressed", "ID": 55, "Response": "Disagree"}, {"Question": "13. If I see a security problem, I can fix it there and then", "ID": 56, "Response": "Strongly Disagree"}, {"Question": "14. I'll find out quickly if a vulnerability is discovered in an open-source component we use", "ID": 57, "Response": "Strongly Disagree"}, {"Question": "15. Technical and security debt is regularly addressed", "ID": 58, "Response": "Strongly Disagree"}, {"Question": "16. My team owns responsibility for the security of systems we write", "ID": 59, "Response": "Disagree"}, {"Question": "17. When there are problems or incidents we use them as blame-free opportunities to identify where to improve processes and systems", "ID": 60, "Response": "Strongly Agree"}, {"Question": "18. I get regular time to spend on improving processes", "ID": 61, "Response": "Disagree"}, {"Question": "19. I know who to ask when I have a security question", "ID": 62, "Response": "Disagree"}, {"Question": "20. I know where to look for applicable patterns or standards", "ID": 63, "Response": "Neutral"}, {"Question": "21. I often ask for advice regarding security considerations or concerns.", "ID": 64, "Response": "Strongly Disagree"}, {"Question": "22. This was a relevant survey", "ID": 65, "Response": "Strongly Agree"}, {"Question": "01. There are no passwords shared between people, in any environment", "ID": 66, "Response": "Disagree"}, {"Question": "02. There are no secrets or passwords in any source code", "ID": 67, "Response": "Disagree"}, {"Question": "03. The software doesn't have any dependency on components/scripts downloaded from the internet at build time (PyPI, npm, Maven) - any dependencies are downloaded from an internal repository", "ID": 68, "Response": "Neutral"}, {"Question": "04. No part of the production or UAT software is built on a developer machine/laptop", "ID": 69, "Response": "Neutral"}, {"Question": "05. The software deployment process is fully automated", "ID": 70, "Response": "Strongly Disagree"}, {"Question": "06. Security of the software I work on is the responsibility of the security team", "ID": 71, "Response": "Neutral"}, {"Question": "07. We have enough time to think about security when designing and implementing the software we work on", "ID": 72, "Response": "Neutral"}, {"Question": "08. Thinking about security and other failure scenarios is part of the software process", "ID": 73, "Response": "Neutral"}, {"Question": "09. I know about the OWASP Top 10", "ID": 74, "Response": "Neutral"}, {"Question": "10. The software I work on is not vulnerable to the current OWASP Top 10", "ID": 75, "Response": "Neutral"}, {"Question": "11. I'm fully informed about the NIST SSDF", "ID": 76, "Response": "Disagree"}, {"Question": "12. I'm empowered to report security concerns and the concerns are addressed", "ID": 77, "Response": "Neutral"}, {"Question": "13. If I see a security problem, I can fix it there and then", "ID": 78, "Response": "Disagree"}, {"Question": "14. I'll find out quickly if a vulnerability is discovered in an open-source component we use", "ID": 79, "Response": "Disagree"}, {"Question": "15. Technical and security debt is regularly addressed", "ID": 80, "Response": "Neutral"}, {"Question": "16. My team owns responsibility for the security of systems we write", "ID": 81, "Response": "Neutral"}, {"Question": "17. When there are problems or incidents we use them as blame-free opportunities to identify where to improve processes and systems", "ID": 82, "Response": "Agree"}, {"Question": "18. I get regular time to spend on improving processes", "ID": 83, "Response": "Disagree"}, {"Question": "19. I know who to ask when I have a security question", "ID": 84, "Response": "Disagree"}, {"Question": "20. I know where to look for applicable patterns or standards", "ID": 85, "Response": "Disagree"}, {"Question": "21. I often ask for advice regarding security considerations or concerns.", "ID": 86, "Response": "Disagree"}, {"Question": "22. This was a relevant survey", "ID": 87, "Response": "Agree"}, {"Question": "01. There are no passwords shared between people, in any environment", "ID": 88, "Response": "Strongly Disagree"}, {"Question": "02. There are no secrets or passwords in any source code", "ID": 89, "Response": "Strongly Disagree"}, {"Question": "03. The software doesn't have any dependency on components/scripts downloaded from the internet at build time (PyPI, npm, Maven) - any dependencies are downloaded from an internal repository", "ID": 90, "Response": "Strongly Disagree"}, {"Question": "04. No part of the production or UAT software is built on a developer machine/laptop", "ID": 91, "Response": "Strongly Disagree"}, {"Question": "05. The software deployment process is fully automated", "ID": 92, "Response": "Disagree"}, {"Question": "06. Security of the software I work on is the responsibility of the security team", "ID": 93, "Response": "Strongly Disagree"}, {"Question": "07. We have enough time to think about security when designing and implementing the software we work on", "ID": 94, "Response": "Disagree"}, {"Question": "08. Thinking about security and other failure scenarios is part of the software process", "ID": 95, "Response": "Disagree"}, {"Question": "09. I know about the OWASP Top 10", "ID": 96, "Response": "Disagree"}, {"Question": "10. The software I work on is not vulnerable to the current OWASP Top 10", "ID": 97, "Response": "Disagree"}, {"Question": "11. I'm fully informed about the NIST SSDF", "ID": 98, "Response": "Disagree"}, {"Question": "12. I'm empowered to report security concerns and the concerns are addressed", "ID": 99, "Response": "Disagree"}, {"Question": "13. If I see a security problem, I can fix it there and then", "ID": 100, "Response": "Strongly Disagree"}, {"Question": "14. I'll find out quickly if a vulnerability is discovered in an open-source component we use", "ID": 101, "Response": "Strongly Disagree"}, {"Question": "15. Technical and security debt is regularly addressed", "ID": 102, "Response": "Strongly Disagree"}, {"Question": "16. My team owns responsibility for the security of systems we write", "ID": 103, "Response": "Strongly Disagree"}, {"Question": "17. When there are problems or incidents we use them as blame-free opportunities to identify where to improve processes and systems", "ID": 104, "Response": "Strongly Disagree"}, {"Question": "18. I get regular time to spend on improving processes", "ID": 105, "Response": "Strongly Disagree"}, {"Question": "19. I know who to ask when I have a security question", "ID": 106, "Response": "Strongly Disagree"}, {"Question": "20. I know where to look for applicable patterns or standards", "ID": 107, "Response": "Strongly Disagree"}, {"Question": "21. I often ask for advice regarding security considerations or concerns.", "ID": 108, "Response": "Strongly Disagree"}, {"Question": "22. This was a relevant survey", "ID": 109, "Response": "Strongly Disagree"}, {"Question": "01. There are no passwords shared between people, in any environment", "ID": 110, "Response": "Strongly Agree"}, {"Question": "02. There are no secrets or passwords in any source code", "ID": 111, "Response": "Strongly Agree"}, {"Question": "03. The software doesn't have any dependency on components/scripts downloaded from the internet at build time (PyPI, npm, Maven) - any dependencies are downloaded from an internal repository", "ID": 112, "Response": "Strongly Disagree"}, {"Question": "04. No part of the production or UAT software is built on a developer machine/laptop", "ID": 113, "Response": "Strongly Agree"}, {"Question": "05. The software deployment process is fully automated", "ID": 114, "Response": "Strongly Agree"}, {"Question": "06. Security of the software I work on is the responsibility of the security team", "ID": 115, "Response": "Agree"}, {"Question": "07. We have enough time to think about security when designing and implementing the software we work on", "ID": 116, "Response": "Neutral"}, {"Question": "08. Thinking about security and other failure scenarios is part of the software process", "ID": 117, "Response": "Strongly Agree"}, {"Question": "09. I know about the OWASP Top 10", "ID": 118, "Response": "Agree"}, {"Question": "10. The software I work on is not vulnerable to the current OWASP Top 10", "ID": 119, "Response": "Agree"}, {"Question": "11. I'm fully informed about the NIST SSDF", "ID": 120, "Response": "Disagree"}, {"Question": "12. I'm empowered to report security concerns and the concerns are addressed", "ID": 121, "Response": "Agree"}, {"Question": "13. If I see a security problem, I can fix it there and then", "ID": 122, "Response": "Neutral"}, {"Question": "14. I'll find out quickly if a vulnerability is discovered in an open-source component we use", "ID": 123, "Response": "Disagree"}, {"Question": "15. Technical and security debt is regularly addressed", "ID": 124, "Response": "Neutral"}, {"Question": "16. My team owns responsibility for the security of systems we write", "ID": 125, "Response": "Strongly Agree"}, {"Question": "17. When there are problems or incidents we use them as blame-free opportunities to identify where to improve processes and systems", "ID": 126, "Response": "Agree"}, {"Question": "18. I get regular time to spend on improving processes", "ID": 127, "Response": "Neutral"}, {"Question": "19. I know who to ask when I have a security question", "ID": 128, "Response": "Agree"}, {"Question": "20. I know where to look for applicable patterns or standards", "ID": 129, "Response": "Agree"}, {"Question": "21. I often ask for advice regarding security considerations or concerns.", "ID": 130, "Response": "Agree"}, {"Question": "22. This was a relevant survey", "ID": 131, "Response": "Neutral"}, {"Question": "01. There are no passwords shared between people, in any environment", "ID": 132, "Response": "Strongly Agree"}, {"Question": "02. There are no secrets or passwords in any source code", "ID": 133, "Response": "Strongly Agree"}, {"Question": "03. The software doesn't have any dependency on components/scripts downloaded from the internet at build time (PyPI, npm, Maven) - any dependencies are downloaded from an internal repository", "ID": 134, "Response": "Strongly Agree"}, {"Question": "04. No part of the production or UAT software is built on a developer machine/laptop", "ID": 135, "Response": "Strongly Agree"}, {"Question": "05. The software deployment process is fully automated", "ID": 136, "Response": "Strongly Agree"}, {"Question": "06. Security of the software I work on is the responsibility of the security team", "ID": 137, "Response": "Strongly Agree"}, {"Question": "07. We have enough time to think about security when designing and implementing the software we work on", "ID": 138, "Response": "Strongly Agree"}, {"Question": "08. Thinking about security and other failure scenarios is part of the software process", "ID": 139, "Response": "Strongly Agree"}, {"Question": "09. I know about the OWASP Top 10", "ID": 140, "Response": "Strongly Agree"}, {"Question": "10. The software I work on is not vulnerable to the current OWASP Top 10", "ID": 141, "Response": "Strongly Agree"}, {"Question": "11. I'm fully informed about the NIST SSDF", "ID": 142, "Response": "Strongly Agree"}, {"Question": "12. I'm empowered to report security concerns and the concerns are addressed", "ID": 143, "Response": "Strongly Agree"}, {"Question": "13. If I see a security problem, I can fix it there and then", "ID": 144, "Response": "Strongly Agree"}, {"Question": "14. I'll find out quickly if a vulnerability is discovered in an open-source component we use", "ID": 145, "Response": "Strongly Agree"}, {"Question": "15. Technical and security debt is regularly addressed", "ID": 146, "Response": "Strongly Agree"}, {"Question": "16. My team owns responsibility for the security of systems we write", "ID": 147, "Response": "Strongly Agree"}, {"Question": "17. When there are problems or incidents we use them as blame-free opportunities to identify where to improve processes and systems", "ID": 148, "Response": "Strongly Agree"}, {"Question": "18. I get regular time to spend on improving processes", "ID": 149, "Response": "Strongly Agree"}, {"Question": "19. I know who to ask when I have a security question", "ID": 150, "Response": "Strongly Agree"}, {"Question": "20. I know where to look for applicable patterns or standards", "ID": 151, "Response": "Strongly Agree"}, {"Question": "21. I often ask for advice regarding security considerations or concerns.", "ID": 152, "Response": "Strongly Agree"}, {"Question": "22. This was a relevant survey", "ID": 153, "Response": "Strongly Agree"}, {"Question": "01. There are no passwords shared between people, in any environment", "ID": 154, "Response": "Agree"}, {"Question": "02. There are no secrets or passwords in any source code", "ID": 155, "Response": "Agree"}, {"Question": "03. The software doesn't have any dependency on components/scripts downloaded from the internet at build time (PyPI, npm, Maven) - any dependencies are downloaded from an internal repository", "ID": 156, "Response": "Agree"}, {"Question": "04. No part of the production or UAT software is built on a developer machine/laptop", "ID": 157, "Response": "Strongly Agree"}, {"Question": "05. The software deployment process is fully automated", "ID": 158, "Response": "Agree"}, {"Question": "06. Security of the software I work on is the responsibility of the security team", "ID": 159, "Response": "Disagree"}, {"Question": "07. We have enough time to think about security when designing and implementing the software we work on", "ID": 160, "Response": "Disagree"}, {"Question": "08. Thinking about security and other failure scenarios is part of the software process", "ID": 161, "Response": "Agree"}, {"Question": "09. I know about the OWASP Top 10", "ID": 162, "Response": "Neutral"}, {"Question": "10. The software I work on is not vulnerable to the current OWASP Top 10", "ID": 163, "Response": "Neutral"}, {"Question": "11. I'm fully informed about the NIST SSDF", "ID": 164, "Response": "Disagree"}, {"Question": "12. I'm empowered to report security concerns and the concerns are addressed", "ID": 165, "Response": "Agree"}, {"Question": "13. If I see a security problem, I can fix it there and then", "ID": 166, "Response": "Disagree"}, {"Question": "14. I'll find out quickly if a vulnerability is discovered in an open-source component we use", "ID": 167, "Response": "Disagree"}, {"Question": "15. Technical and security debt is regularly addressed", "ID": 168, "Response": "Strongly Disagree"}, {"Question": "16. My team owns responsibility for the security of systems we write", "ID": 169, "Response": "Agree"}, {"Question": "17. When there are problems or incidents we use them as blame-free opportunities to identify where to improve processes and systems", "ID": 170, "Response": "Agree"}, {"Question": "18. I get regular time to spend on improving processes", "ID": 171, "Response": "Neutral"}, {"Question": "19. I know who to ask when I have a security question", "ID": 172, "Response": "Agree"}, {"Question": "20. I know where to look for applicable patterns or standards", "ID": 173, "Response": "Neutral"}, {"Question": "21. I often ask for advice regarding security considerations or concerns.", "ID": 174, "Response": "Neutral"}, {"Question": "22. This was a relevant survey", "ID": 175, "Response": "Strongly Disagree"}, {"Question": "01. There are no passwords shared between people, in any environment", "ID": 176, "Response": "Strongly Agree"}, {"Question": "02. There are no secrets or passwords in any source code", "ID": 177, "Response": "Strongly Agree"}, {"Question": "03. The software doesn't have any dependency on components/scripts downloaded from the internet at build time (PyPI, npm, Maven) - any dependencies are downloaded from an internal repository", "ID": 178, "Response": "Strongly Agree"}, {"Question": "04. No part of the production or UAT software is built on a developer machine/laptop", "ID": 179, "Response": "Strongly Agree"}, {"Question": "05. The software deployment process is fully automated", "ID": 180, "Response": "Neutral"}, {"Question": "06. Security of the software I work on is the responsibility of the security team", "ID": 181, "Response": "Strongly Disagree"}, {"Question": "07. We have enough time to think about security when designing and implementing the software we work on", "ID": 182, "Response": "Neutral"}, {"Question": "08. Thinking about security and other failure scenarios is part of the software process", "ID": 183, "Response": "Agree"}, {"Question": "09. I know about the OWASP Top 10", "ID": 184, "Response": "Strongly Disagree"}, {"Question": "10. The software I work on is not vulnerable to the current OWASP Top 10", "ID": 185, "Response": "Disagree"}, {"Question": "11. I'm fully informed about the NIST SSDF", "ID": 186, "Response": "Neutral"}, {"Question": "12. I'm empowered to report security concerns and the concerns are addressed", "ID": 187, "Response": "Agree"}, {"Question": "13. If I see a security problem, I can fix it there and then", "ID": 188, "Response": "Disagree"}, {"Question": "14. I'll find out quickly if a vulnerability is discovered in an open-source component we use", "ID": 189, "Response": "Neutral"}, {"Question": "15. Technical and security debt is regularly addressed", "ID": 190, "Response": "Neutral"}, {"Question": "16. My team owns responsibility for the security of systems we write", "ID": 191, "Response": "Neutral"}, {"Question": "17. When there are problems or incidents we use them as blame-free opportunities to identify where to improve processes and systems", "ID": 192, "Response": "Agree"}, {"Question": "18. I get regular time to spend on improving processes", "ID": 193, "Response": "Agree"}, {"Question": "19. I know who to ask when I have a security question", "ID": 194, "Response": "Agree"}, {"Question": "20. I know where to look for applicable patterns or standards", "ID": 195, "Response": "Agree"}, {"Question": "21. I often ask for advice regarding security considerations or concerns.", "ID": 196, "Response": "Agree"}, {"Question": "22. This was a relevant survey", "ID": 197, "Response": "Strongly Agree"}, {"Question": "01. There are no passwords shared between people, in any environment", "ID": 198, "Response": "Strongly Agree"}, {"Question": "02. There are no secrets or passwords in any source code", "ID": 199, "Response": "Strongly Agree"}, {"Question": "03. The software doesn't have any dependency on components/scripts downloaded from the internet at build time (PyPI, npm, Maven) - any dependencies are downloaded from an internal repository", "ID": 200, "Response": "Strongly Agree"}, {"Question": "04. No part of the production or UAT software is built on a developer machine/laptop", "ID": 201, "Response": "Agree"}, {"Question": "05. The software deployment process is fully automated", "ID": 202, "Response": "Agree"}, {"Question": "06. Security of the software I work on is the responsibility of the security team", "ID": 203, "Response": "Neutral"}, {"Question": "07. We have enough time to think about security when designing and implementing the software we work on", "ID": 204, "Response": "Disagree"}, {"Question": "08. Thinking about security and other failure scenarios is part of the software process", "ID": 205, "Response": "Strongly Agree"}, {"Question": "09. I know about the OWASP Top 10", "ID": 206, "Response": "Agree"}, {"Question": "10. The software I work on is not vulnerable to the current OWASP Top 10", "ID": 207, "Response": "Agree"}, {"Question": "11. I'm fully informed about the NIST SSDF", "ID": 208, "Response": "Agree"}, {"Question": "12. I'm empowered to report security concerns and the concerns are addressed", "ID": 209, "Response": "Strongly Agree"}, {"Question": "13. If I see a security problem, I can fix it there and then", "ID": 210, "Response": "Agree"}, {"Question": "14. I'll find out quickly if a vulnerability is discovered in an open-source component we use", "ID": 211, "Response": "Agree"}, {"Question": "15. Technical and security debt is regularly addressed", "ID": 212, "Response": "Neutral"}, {"Question": "16. My team owns responsibility for the security of systems we write", "ID": 213, "Response": "Strongly Agree"}, {"Question": "17. When there are problems or incidents we use them as blame-free opportunities to identify where to improve processes and systems", "ID": 214, "Response": "Neutral"}, {"Question": "18. I get regular time to spend on improving processes", "ID": 215, "Response": "Neutral"}, {"Question": "19. I know who to ask when I have a security question", "ID": 216, "Response": "Agree"}, {"Question": "20. I know where to look for applicable patterns or standards", "ID": 217, "Response": "Strongly Agree"}, {"Question": "21. I often ask for advice regarding security considerations or concerns.", "ID": 218, "Response": "Agree"}, {"Question": "22. This was a relevant survey", "ID": 219, "Response": "Strongly Agree"}, {"Question": "01. There are no passwords shared between people, in any environment", "ID": 220, "Response": "Strongly Agree"}, {"Question": "02. There are no secrets or passwords in any source code", "ID": 221, "Response": "Strongly Agree"}, {"Question": "03. The software doesn't have any dependency on components/scripts downloaded from the internet at build time (PyPI, npm, Maven) - any dependencies are downloaded from an internal repository", "ID": 222, "Response": "Strongly Agree"}, {"Question": "04. No part of the production or UAT software is built on a developer machine/laptop", "ID": 223, "Response": "Strongly Agree"}, {"Question": "05. The software deployment process is fully automated", "ID": 224, "Response": "Strongly Agree"}, {"Question": "06. Security of the software I work on is the responsibility of the security team", "ID": 225, "Response": "Strongly Agree"}, {"Question": "07. We have enough time to think about security when designing and implementing the software we work on", "ID": 226, "Response": "Strongly Agree"}, {"Question": "08. Thinking about security and other failure scenarios is part of the software process", "ID": 227, "Response": "Strongly Agree"}, {"Question": "09. I know about the OWASP Top 10", "ID": 228, "Response": "Strongly Agree"}, {"Question": "10. The software I work on is not vulnerable to the current OWASP Top 10", "ID": 229, "Response": "Strongly Agree"}, {"Question": "11. I'm fully informed about the NIST SSDF", "ID": 230, "Response": "Strongly Agree"}, {"Question": "12. I'm empowered to report security concerns and the concerns are addressed", "ID": 231, "Response": "Strongly Agree"}, {"Question": "13. If I see a security problem, I can fix it there and then", "ID": 232, "Response": "Strongly Agree"}, {"Question": "14. I'll find out quickly if a vulnerability is discovered in an open-source component we use", "ID": 233, "Response": "Strongly Agree"}, {"Question": "15. Technical and security debt is regularly addressed", "ID": 234, "Response": "Strongly Agree"}, {"Question": "16. My team owns responsibility for the security of systems we write", "ID": 235, "Response": "Strongly Agree"}, {"Question": "17. When there are problems or incidents we use them as blame-free opportunities to identify where to improve processes and systems", "ID": 236, "Response": "Strongly Agree"}, {"Question": "18. I get regular time to spend on improving processes", "ID": 237, "Response": "Strongly Agree"}, {"Question": "19. I know who to ask when I have a security question", "ID": 238, "Response": "Strongly Agree"}, {"Question": "20. I know where to look for applicable patterns or standards", "ID": 239, "Response": "Strongly Agree"}, {"Question": "21. I often ask for advice regarding security considerations or concerns.", "ID": 240, "Response": "Strongly Agree"}, {"Question": "22. This was a relevant survey", "ID": 241, "Response": "Strongly Agree"}, {"Question": "01. There are no passwords shared between people, in any environment", "ID": 242, "Response": "Strongly Agree"}, {"Question": "02. There are no secrets or passwords in any source code", "ID": 243, "Response": "Strongly Agree"}, {"Question": "03. The software doesn't have any dependency on components/scripts downloaded from the internet at build time (PyPI, npm, Maven) - any dependencies are downloaded from an internal repository", "ID": 244, "Response": "Strongly Agree"}, {"Question": "04. No part of the production or UAT software is built on a developer machine/laptop", "ID": 245, "Response": "Strongly Agree"}, {"Question": "05. The software deployment process is fully automated", "ID": 246, "Response": "Agree"}, {"Question": "06. Security of the software I work on is the responsibility of the security team", "ID": 247, "Response": "Agree"}, {"Question": "07. We have enough time to think about security when designing and implementing the software we work on", "ID": 248, "Response": "Neutral"}, {"Question": "08. Thinking about security and other failure scenarios is part of the software process", "ID": 249, "Response": "Agree"}, {"Question": "09. I know about the OWASP Top 10", "ID": 250, "Response": "Neutral"}, {"Question": "10. The software I work on is not vulnerable to the current OWASP Top 10", "ID": 251, "Response": "Neutral"}, {"Question": "11. I'm fully informed about the NIST SSDF", "ID": 252, "Response": "Agree"}, {"Question": "12. I'm empowered to report security concerns and the concerns are addressed", "ID": 253, "Response": "Agree"}, {"Question": "13. If I see a security problem, I can fix it there and then", "ID": 254, "Response": "Agree"}, {"Question": "14. I'll find out quickly if a vulnerability is discovered in an open-source component we use", "ID": 255, "Response": "Neutral"}, {"Question": "15. Technical and security debt is regularly addressed", "ID": 256, "Response": "Agree"}, {"Question": "16. My team owns responsibility for the security of systems we write", "ID": 257, "Response": "Agree"}, {"Question": "17. When there are problems or incidents we use them as blame-free opportunities to identify where to improve processes and systems", "ID": 258, "Response": "Strongly Agree"}, {"Question": "18. I get regular time to spend on improving processes", "ID": 259, "Response": "Agree"}, {"Question": "19. I know who to ask when I have a security question", "ID": 260, "Response": "Agree"}, {"Question": "20. I know where to look for applicable patterns or standards", "ID": 261, "Response": "Agree"}, {"Question": "21. I often ask for advice regarding security considerations or concerns.", "ID": 262, "Response": "Agree"}, {"Question": "22. This was a relevant survey", "ID": 263, "Response": "Agree"}, {"Question": "01. There are no passwords shared between people, in any environment", "ID": 264, "Response": "Strongly Agree"}, {"Question": "02. There are no secrets or passwords in any source code", "ID": 265, "Response": "Strongly Agree"}, {"Question": "03. The software doesn't have any dependency on components/scripts downloaded from the internet at build time (PyPI, npm, Maven) - any dependencies are downloaded from an internal repository", "ID": 266, "Response": "Strongly Agree"}, {"Question": "04. No part of the production or UAT software is built on a developer machine/laptop", "ID": 267, "Response": "Strongly Agree"}, {"Question": "05. The software deployment process is fully automated", "ID": 268, "Response": "Neutral"}, {"Question": "06. Security of the software I work on is the responsibility of the security team", "ID": 269, "Response": "Neutral"}, {"Question": "07. We have enough time to think about security when designing and implementing the software we work on", "ID": 270, "Response": "Agree"}, {"Question": "08. Thinking about security and other failure scenarios is part of the software process", "ID": 271, "Response": "Agree"}, {"Question": "09. I know about the OWASP Top 10", "ID": 272, "Response": "Neutral"}, {"Question": "10. The software I work on is not vulnerable to the current OWASP Top 10", "ID": 273, "Response": "Agree"}, {"Question": "11. I'm fully informed about the NIST SSDF", "ID": 274, "Response": "Neutral"}, {"Question": "12. I'm empowered to report security concerns and the concerns are addressed", "ID": 275, "Response": "Neutral"}, {"Question": "13. If I see a security problem, I can fix it there and then", "ID": 276, "Response": "Neutral"}, {"Question": "14. I'll find out quickly if a vulnerability is discovered in an open-source component we use", "ID": 277, "Response": "Agree"}, {"Question": "15. Technical and security debt is regularly addressed", "ID": 278, "Response": "Agree"}, {"Question": "16. My team owns responsibility for the security of systems we write", "ID": 279, "Response": "Agree"}, {"Question": "17. When there are problems or incidents we use them as blame-free opportunities to identify where to improve processes and systems", "ID": 280, "Response": "Neutral"}, {"Question": "18. I get regular time to spend on improving processes", "ID": 281, "Response": "Neutral"}, {"Question": "19. I know who to ask when I have a security question", "ID": 282, "Response": "Neutral"}, {"Question": "20. I know where to look for applicable patterns or standards", "ID": 283, "Response": "Neutral"}, {"Question": "21. I often ask for advice regarding security considerations or concerns.", "ID": 284, "Response": "Agree"}, {"Question": "22. This was a relevant survey", "ID": 285, "Response": "Agree"}, {"Question": "01. There are no passwords shared between people, in any environment", "ID": 286, "Response": "Strongly Agree"}, {"Question": "02. There are no secrets or passwords in any source code", "ID": 287, "Response": "Strongly Agree"}, {"Question": "03. The software doesn't have any dependency on components/scripts downloaded from the internet at build time (PyPI, npm, Maven) - any dependencies are downloaded from an internal repository", "ID": 288, "Response": "Strongly Agree"}, {"Question": "04. No part of the production or UAT software is built on a developer machine/laptop", "ID": 289, "Response": "Strongly Agree"}, {"Question": "05. The software deployment process is fully automated", "ID": 290, "Response": "Strongly Agree"}, {"Question": "06. Security of the software I work on is the responsibility of the security team", "ID": 291, "Response": "Neutral"}, {"Question": "07. We have enough time to think about security when designing and implementing the software we work on", "ID": 292, "Response": "Agree"}, {"Question": "08. Thinking about security and other failure scenarios is part of the software process", "ID": 293, "Response": "Strongly Agree"}, {"Question": "09. I know about the OWASP Top 10", "ID": 294, "Response": "Neutral"}, {"Question": "10. The software I work on is not vulnerable to the current OWASP Top 10", "ID": 295, "Response": "Neutral"}, {"Question": "11. I'm fully informed about the NIST SSDF", "ID": 296, "Response": "Neutral"}, {"Question": "12. I'm empowered to report security concerns and the concerns are addressed", "ID": 297, "Response": "Strongly Agree"}, {"Question": "13. If I see a security problem, I can fix it there and then", "ID": 298, "Response": "Strongly Agree"}, {"Question": "14. I'll find out quickly if a vulnerability is discovered in an open-source component we use", "ID": 299, "Response": "Agree"}, {"Question": "15. Technical and security debt is regularly addressed", "ID": 300, "Response": "Strongly Agree"}, {"Question": "16. My team owns responsibility for the security of systems we write", "ID": 301, "Response": "Agree"}, {"Question": "17. When there are problems or incidents we use them as blame-free opportunities to identify where to improve processes and systems", "ID": 302, "Response": "Strongly Agree"}, {"Question": "18. I get regular time to spend on improving processes", "ID": 303, "Response": "Strongly Agree"}, {"Question": "19. I know who to ask when I have a security question", "ID": 304, "Response": "Strongly Agree"}, {"Question": "20. I know where to look for applicable patterns or standards", "ID": 305, "Response": "Strongly Agree"}, {"Question": "21. I often ask for advice regarding security considerations or concerns.", "ID": 306, "Response": "Agree"}, {"Question": "22. This was a relevant survey", "ID": 307, "Response": "Strongly Agree"}, {"Question": "01. There are no passwords shared between people, in any environment", "ID": 308, "Response": "Agree"}, {"Question": "02. There are no secrets or passwords in any source code", "ID": 309, "Response": "Strongly Agree"}, {"Question": "03. The software doesn't have any dependency on components/scripts downloaded from the internet at build time (PyPI, npm, Maven) - any dependencies are downloaded from an internal repository", "ID": 310, "Response": "Neutral"}, {"Question": "04. No part of the production or UAT software is built on a developer machine/laptop", "ID": 311, "Response": "Strongly Agree"}, {"Question": "05. The software deployment process is fully automated", "ID": 312, "Response": "Strongly Agree"}, {"Question": "06. Security of the software I work on is the responsibility of the security team", "ID": 313, "Response": "Strongly Disagree"}, {"Question": "07. We have enough time to think about security when designing and implementing the software we work on", "ID": 314, "Response": "Strongly Agree"}, {"Question": "08. Thinking about security and other failure scenarios is part of the software process", "ID": 315, "Response": "Strongly Agree"}, {"Question": "09. I know about the OWASP Top 10", "ID": 316, "Response": "Strongly Disagree"}, {"Question": "10. The software I work on is not vulnerable to the current OWASP Top 10", "ID": 317, "Response": "Neutral"}, {"Question": "11. I'm fully informed about the NIST SSDF", "ID": 318, "Response": "Strongly Disagree"}, {"Question": "12. I'm empowered to report security concerns and the concerns are addressed", "ID": 319, "Response": "Agree"}, {"Question": "13. If I see a security problem, I can fix it there and then", "ID": 320, "Response": "Neutral"}, {"Question": "14. I'll find out quickly if a vulnerability is discovered in an open-source component we use", "ID": 321, "Response": "Disagree"}, {"Question": "15. Technical and security debt is regularly addressed", "ID": 322, "Response": "Neutral"}, {"Question": "16. My team owns responsibility for the security of systems we write", "ID": 323, "Response": "Disagree"}, {"Question": "17. When there are problems or incidents we use them as blame-free opportunities to identify where to improve processes and systems", "ID": 324, "Response": "Neutral"}, {"Question": "18. I get regular time to spend on improving processes", "ID": 325, "Response": "Disagree"}, {"Question": "19. I know who to ask when I have a security question", "ID": 326, "Response": "Neutral"}, {"Question": "20. I know where to look for applicable patterns or standards", "ID": 327, "Response": "Agree"}, {"Question": "21. I often ask for advice regarding security considerations or concerns.", "ID": 328, "Response": "Agree"}, {"Question": "22. This was a relevant survey", "ID": 329, "Response": "Agree"}, {"Question": "01. There are no passwords shared between people, in any environment", "ID": 330, "Response": "Neutral"}, {"Question": "02. There are no secrets or passwords in any source code", "ID": 331, "Response": "Strongly Agree"}, {"Question": "03. The software doesn't have any dependency on components/scripts downloaded from the internet at build time (PyPI, npm, Maven) - any dependencies are downloaded from an internal repository", "ID": 332, "Response": "Strongly Agree"}, {"Question": "04. No part of the production or UAT software is built on a developer machine/laptop", "ID": 333, "Response": "Strongly Agree"}, {"Question": "05. The software deployment process is fully automated", "ID": 334, "Response": "Agree"}, {"Question": "06. Security of the software I work on is the responsibility of the security team", "ID": 335, "Response": "Disagree"}, {"Question": "07. We have enough time to think about security when designing and implementing the software we work on", "ID": 336, "Response": "Neutral"}, {"Question": "08. Thinking about security and other failure scenarios is part of the software process", "ID": 337, "Response": "Strongly Agree"}, {"Question": "09. I know about the OWASP Top 10", "ID": 338, "Response": "Agree"}, {"Question": "10. The software I work on is not vulnerable to the current OWASP Top 10", "ID": 339, "Response": "Disagree"}, {"Question": "11. I'm fully informed about the NIST SSDF", "ID": 340, "Response": "Disagree"}, {"Question": "12. I'm empowered to report security concerns and the concerns are addressed", "ID": 341, "Response": "Strongly Agree"}, {"Question": "13. If I see a security problem, I can fix it there and then", "ID": 342, "Response": "Neutral"}, {"Question": "14. I'll find out quickly if a vulnerability is discovered in an open-source component we use", "ID": 343, "Response": "Disagree"}, {"Question": "15. Technical and security debt is regularly addressed", "ID": 344, "Response": "Neutral"}, {"Question": "16. My team owns responsibility for the security of systems we write", "ID": 345, "Response": "Agree"}, {"Question": "17. When there are problems or incidents we use them as blame-free opportunities to identify where to improve processes and systems", "ID": 346, "Response": "Strongly Agree"}, {"Question": "18. I get regular time to spend on improving processes", "ID": 347, "Response": "Agree"}, {"Question": "19. I know who to ask when I have a security question", "ID": 348, "Response": "Agree"}, {"Question": "20. I know where to look for applicable patterns or standards", "ID": 349, "Response": "Neutral"}, {"Question": "21. I often ask for advice regarding security considerations or concerns.", "ID": 350, "Response": "Agree"}, {"Question": "22. This was a relevant survey", "ID": 351, "Response": "Neutral"}, {"Question": "01. There are no passwords shared between people, in any environment", "ID": 352, "Response": "Strongly Agree"}, {"Question": "02. There are no secrets or passwords in any source code", "ID": 353, "Response": "Strongly Agree"}, {"Question": "03. The software doesn't have any dependency on components/scripts downloaded from the internet at build time (PyPI, npm, Maven) - any dependencies are downloaded from an internal repository", "ID": 354, "Response": "Strongly Agree"}, {"Question": "04. No part of the production or UAT software is built on a developer machine/laptop", "ID": 355, "Response": "Strongly Agree"}, {"Question": "05. The software deployment process is fully automated", "ID": 356, "Response": "Strongly Agree"}, {"Question": "06. Security of the software I work on is the responsibility of the security team", "ID": 357, "Response": "Strongly Agree"}, {"Question": "07. We have enough time to think about security when designing and implementing the software we work on", "ID": 358, "Response": "Strongly Agree"}, {"Question": "08. Thinking about security and other failure scenarios is part of the software process", "ID": 359, "Response": "Strongly Agree"}, {"Question": "09. I know about the OWASP Top 10", "ID": 360, "Response": "Strongly Agree"}, {"Question": "10. The software I work on is not vulnerable to the current OWASP Top 10", "ID": 361, "Response": "Strongly Agree"}, {"Question": "11. I'm fully informed about the NIST SSDF", "ID": 362, "Response": "Strongly Agree"}, {"Question": "12. I'm empowered to report security concerns and the concerns are addressed", "ID": 363, "Response": "Strongly Agree"}, {"Question": "13. If I see a security problem, I can fix it there and then", "ID": 364, "Response": "Strongly Agree"}, {"Question": "14. I'll find out quickly if a vulnerability is discovered in an open-source component we use", "ID": 365, "Response": "Strongly Agree"}, {"Question": "15. Technical and security debt is regularly addressed", "ID": 366, "Response": "Strongly Agree"}, {"Question": "16. My team owns responsibility for the security of systems we write", "ID": 367, "Response": "Strongly Agree"}, {"Question": "17. When there are problems or incidents we use them as blame-free opportunities to identify where to improve processes and systems", "ID": 368, "Response": "Strongly Agree"}, {"Question": "18. I get regular time to spend on improving processes", "ID": 369, "Response": "Strongly Agree"}, {"Question": "19. I know who to ask when I have a security question", "ID": 370, "Response": "Strongly Agree"}, {"Question": "20. I know where to look for applicable patterns or standards", "ID": 371, "Response": "Strongly Agree"}, {"Question": "21. I often ask for advice regarding security considerations or concerns.", "ID": 372, "Response": "Strongly Agree"}, {"Question": "22. This was a relevant survey", "ID": 373, "Response": "Strongly Agree"}]

function Likert(responses) {