Critical analysis of different approaches to minimizing user-related faults in information systems security: implications for research and practice
Even though the human component has been recognized to have a crucial role in information systems (IS) security, the human issues have not received much attention. Recently a few approaches aimed at minimizing human-related faults in the area of IS security have been put forward. This paper analyses different approaches aimed at minimizing user-related faults. The existing approaches will be analysed from the viewpoint of their theoretical background, the research approaches employed, the research objectives and the organizational role of IS security. As a result, a new taxonomy, a comparison and critical analyses of the strengths and weaknesses of state-of-the-art approaches shall be presented. Moreover, several issues that future research should explore and practitioners should consider when applying the results of the existing research are suggested.