TY - GEN
T1 - A re-classification of IS security analysis approaches
AU - Sunyaev, Ali
AU - Tremmel, Florian
AU - Mauro, Christian
AU - Leimeister, Jan Marco
AU - Krcmar, Helmut
PY - 2009
Y1 - 2009
N2 - The role of security management in the development and operation of information systems has a long tradition of research in computer science, information systems and management science. Integrating the economic, organizational, and technical aspects of information systems security analysis and assessment requires a bridging of these different research streams. We examined major articles published concerning IS security using a new classification scheme for IS security analysis and assessment approaches. We looked at approaches discussed in recent publications as well those examined as in past articles that have attempted to classify various approaches to IS security. This paper therefore organizes a diverse collection of literature into a cohesive whole with the aim of providing IS management with an overview of current security analysis approaches, thereby offering management an effective aide for selecting the methods best suited to their needs. Furthermore, this work structures IS security research into a classification scheme that can also be used in future research and practice.
AB - The role of security management in the development and operation of information systems has a long tradition of research in computer science, information systems and management science. Integrating the economic, organizational, and technical aspects of information systems security analysis and assessment requires a bridging of these different research streams. We examined major articles published concerning IS security using a new classification scheme for IS security analysis and assessment approaches. We looked at approaches discussed in recent publications as well those examined as in past articles that have attempted to classify various approaches to IS security. This paper therefore organizes a diverse collection of literature into a cohesive whole with the aim of providing IS management with an overview of current security analysis approaches, thereby offering management an effective aide for selecting the methods best suited to their needs. Furthermore, this work structures IS security research into a classification scheme that can also be used in future research and practice.
KW - Information security management standards
KW - Information systems Security
KW - Risk management
KW - Security management
UR - http://www.scopus.com/inward/record.url?scp=84870367226&partnerID=8YFLogxK
M3 - Conference contribution
AN - SCOPUS:84870367226
SN - 9781615675814
T3 - 15th Americas Conference on Information Systems 2009, AMCIS 2009
SP - 4640
EP - 4649
BT - 15th Americas Conference on Information Systems 2009, AMCIS 2009
T2 - 15th Americas Conference on Information Systems 2009, AMCIS 2009
Y2 - 6 August 2009 through 9 August 2009
ER -