An analysis of the traditional information systems security approaches: implications for research and practice

Scholars have developed several modern information systems security (ISS) methods. Yet the traditional ISS methods – SS checklists, ISS standards, ISS maturity criteria, risk management (RM) and formal methods (FM) – are still among the most used ISS methods. This study makes sense of these traditional ISS methods by comparing their underlying key assumptions. The main finding is that the traditional ISS methods regurgitate several features and assumptions that are required to be dealt with by traditional ISS methods developers and practitioners.