Heuristics for Evaluating IT Security Management Tools
The usability of IT Security Management (ITSM) tools is hard to evaluate by regular methods, making heuristic evaluation attractive. However, standard usability heuristics are hard to apply as IT security management occurs within a complex and collaborative context that involves diverse stakeholders. The authors propose a set of ITSM usability heuristics that are based on activity theory, are supported by prior research, and consider the complex and cooperative nature of security management. In a between-subjects study, they compared the employment of the ITSM and Nielsen's heuristics for evaluation of a commercial identity management system.