A re-classification of IS security analysis approaches

Ali Sunyaev, Florian Tremmel, Christian Mauro, Jan Marco Leimeister, Helmut Krcmar

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

6 Scopus citations


The role of security management in the development and operation of information systems has a long tradition of research in computer science, information systems and management science. Integrating the economic, organizational, and technical aspects of information systems security analysis and assessment requires a bridging of these different research streams. We examined major articles published concerning IS security using a new classification scheme for IS security analysis and assessment approaches. We looked at approaches discussed in recent publications as well those examined as in past articles that have attempted to classify various approaches to IS security. This paper therefore organizes a diverse collection of literature into a cohesive whole with the aim of providing IS management with an overview of current security analysis approaches, thereby offering management an effective aide for selecting the methods best suited to their needs. Furthermore, this work structures IS security research into a classification scheme that can also be used in future research and practice.

Original languageEnglish
Title of host publication15th Americas Conference on Information Systems 2009, AMCIS 2009
Number of pages10
StatePublished - 2009
Event15th Americas Conference on Information Systems 2009, AMCIS 2009 - San Francisco, CA, United States
Duration: 6 Aug 20099 Aug 2009

Publication series

Name15th Americas Conference on Information Systems 2009, AMCIS 2009


Conference15th Americas Conference on Information Systems 2009, AMCIS 2009
Country/TerritoryUnited States
CitySan Francisco, CA


  • Information security management standards
  • Information systems Security
  • Risk management
  • Security management


Dive into the research topics of 'A re-classification of IS security analysis approaches'. Together they form a unique fingerprint.

Cite this