Heuristics for evaluating IT security management tools

  • Jaferian P
  • Hawkey K
  • Sotirakopoulos A
  • et al.

Readers: 114 (Mendeley users who have this article in their library)
Citations: 10 (citations of this article)

Abstract

The usability of IT security management (ITSM) tools is hard to evaluate by regular methods, making heuristic evaluation attractive. However, standard usability heuristics are hard to apply as IT security management occurs within a complex and collaborative context that involves diverse stakeholders. We propose a set of ITSM usability heuristics that are based on activity theory, are supported by prior research, and consider the complex and cooperative nature of security management. In a between-subjects study, we compared the employment of the ITSM and Nielsen’s heuristics for evaluation of a commercial identity management system. Participants who used the ITSM set found more problems categorized as severe than those who used Nielsen’s. As evaluators identified different types of problems with the two sets of heuristics, we recommend employing both the ITSM and Nielsen’s heuristics during evaluation of ITSM tools.

Authors

  • Pooya Jaferian

  • Kirstie Hawkey

  • Andreas Sotirakopoulos

  • Maria Velez-Rojas

  • Konstantin Beznosov
