Critical analysis of different approaches to minimizing user‐related faults in information systems security: implications for research and practice

Even though the human component has been recognized to have a crucial role in information systems (IS) security, the human issues have not received much attention. Recently a few approaches aimed at minimizing human‐related faults in the area of IS security have been put forward. This paper analyses different approaches aimed at minimizing user‐related faults. The existing approaches will be analysed from the viewpoint of their theoretical background, the research approaches employed, the research objectives and the organizational role of IS security. As a result, a new taxonomy, a comparison and critical analyses of the strengths and weaknesses of state‐of‐the‐art approaches shall be presented. Moreover, several issues that future research should explore and practitioners should consider when applying the results of the existing research are suggested.