Abstract

Our research suggests an improved theoretical and conceptual foundation for analysing information systems security. We argue that an analysis of structures of responsibility in organizations leads to the development of secure information systems. The paper surveys the existing approaches to security and proposes an alternative perspective for viewing organizational and security issues.