Until recently, most of the effort for providing security in information systems has been focused on technology. However, it turned out during the last years that human factors have played a central role. Therefore, to ensure appropriate security in contemporary information systems, it is necessary to address not only technology-related issues, but also human behaviour and organisation-related issues that are usually embodied in security policies. This paper presents a template model, which is intended to support risk management for information systems, and which is concentrated on human factors. The model is based on business dynamics that provide the means for qualitative and quantitative treatment of the above-mentioned issues.
No Reference information available - sign in for access.
No Citation information available - sign in for access.
No Supplementary Data.
No Article Media