A Reclassification of IS Security Analysis Approaches

Proceedings of the 15th Americas Conference on Information Systems (AMCIS 2009), San Fran­cisco, California, 6-9 August 2009, Article 570

Posted: 29 Sep 2012

See all articles by Ali Sunyaev

Ali Sunyaev

University of Cologne; Karlsruhe Institute of Technology

Florian Tremmel

Technische Universität München (TUM)

Christian Mauro

Technische Universität München (TUM)

J. M. Leimeister

University of St. Gallen; University of Kassel - Information Systems

Helmut Krcmar

Technische Universität München (TUM)

Date Written: 2009

Abstract

The role of security management in the development and operation of information systems has a long tradition of research in computer science, information systems and management science. Integrating the economic, organizational, and technical aspects of information systems security analysis and assessment requires a bridging of these different research streams. We examined major articles published concerning IS security using a new classification scheme for IS security analysis and assessment approaches. We looked at approaches discussed in recent publications as well those examined as in past articles that have attempted to classify various approaches to IS security. This paper therefore organizes a diverse collection of literature into a cohesive whole with the aim of providing IS management with an overview of current security analysis approaches, thereby offering management an effective aide for selecting the methods best suited to their needs. Furthermore, this work structures IS security research into a classification scheme that can also be used in future research and practice.

Keywords: Information Systems Security, Security Management, Risk Management, Information Security Management Standards

Suggested Citation

Sunyaev, Ali and Tremmel, Florian and Mauro, Christian and Leimeister, Jan Marco and Krcmar, Helmut, A Reclassification of IS Security Analysis Approaches (2009). Proceedings of the 15th Americas Conference on Information Systems (AMCIS 2009), San Fran­cisco, California, 6-9 August 2009, Article 570, Available at SSRN: https://ssrn.com/abstract=2153045

Ali Sunyaev (Contact Author)

University of Cologne ( email )

Albertus-Magnus-Platz
Cologne, 50923
Germany

HOME PAGE: http://www.isq.uni-koeln.de

Karlsruhe Institute of Technology ( email )

Kaiserstraße 12
Karlsruhe, Baden Württemberg 76131
Germany

Florian Tremmel

Technische Universität München (TUM) ( email )

Arcisstrasse 21
Munich, DE 80333
Germany

Christian Mauro

Technische Universität München (TUM) ( email )

Arcisstrasse 21
Munich, DE 80333
Germany

Jan Marco Leimeister

University of St. Gallen ( email )

Varnbuelstr. 14
Saint Gallen, St. Gallen CH-9000
Switzerland

University of Kassel - Information Systems ( email )

Pfannkuchstraße 1
Kassel, 34121
Germany

Helmut Krcmar

Technische Universität München (TUM) ( email )

Arcisstrasse 21
Munich, DE 80333
Germany

Do you have negative results from your research you’d like to share?

Paper statistics

Abstract Views
815
PlumX Metrics