Abstract
Information security research has a bias towards formal and small-scale policies. This research tradition, albeit important, has neglected the non-formal and non-computer oriented security policies. Yet the current classifications concerning security policies do not fully address the issues in security policies within information systems. Firstly, a new classification of (two categories) security policies will be depicted. Secondly, and the main contribution ofthis paper, five approaches to construction of end-user guidelines will be put forth, including the strengths and weaknesses of these approaches.
Author supplied keywords
Cite
CITATION STYLE
Siponen, M. T. (2017). Policies for construction of information systems’ security guidelines. In IFIP Advances in Information and Communication Technology (Vol. 47, pp. 111–120). Springer New York LLC. https://doi.org/10.1007/978-0-387-35515-3_12
Register to see more suggestions
Mendeley helps you to discover research relevant for your work.
