
A study on Construction of the Corporate BYOD information security risks guideline

Advisors: Wei-Hsi Hung, Cheng-Yuan Ku

Abstract


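A study on Construction of the Corporate BYOD information security risks guideline
Graduate student: Yi-Tang Lee
Advisors: Dr. Cheng-Yuan Ku, Dr. Wei-Hsi Hung

In the present era, the consumerization of IT has driven a wave of "using one's own personal device for work" (Bring Your Own Device). For enterprise management, turning the BYOD trend into an external competitive advantage and helping decision makers achieve business goals first requires evaluating the information security risks of adopting BYOD. Establishing a "BYOD information security risk model" suited to enterprises therefore becomes one of the important links in consolidating corporate information security. This study collected literature from academic databases and the websites of information security organizations using keywords such as BYOD information security risks and threats, compiled the information security risks relevant to each aspect of the literature, and merged related content to propose preliminary dimensions and criteria, which were revised with the Delphi method to establish the correctness of the model's classification. AHP (Analytic Hierarchy Process) was then used to determine the weights of the dimensions and the model. Based on those results, in-depth expert interviews were conducted to explain the deeper meaning of the classification and ranking and to obtain practical conclusions.

The results show that, in terms of dimensions, enterprises agree that technical risk management of "mobile software security" and "communication security" is the most highly valued part. Next, based on the "privacy security" dimension, led by protecting the data privacy of both labor and management, and the "physical security" dimension, "compliance security" risk norms are formulated. "Compatibility security" and "cost and productivity" rank later in the risk ordering, which means that, from the enterprise's perspective, integration problems between information software and hardware can be solved, and enterprises will not resist investing because of BYOD management costs; rather, they must control the direct risks of information security threats at different levels in order to increase employee cohesion and productivity. It is hoped that this study can help industry units and organizations, facing a globally competitive environment and highly developed mobile technology, choose appropriate BYOD controls, assist organizations in responding to changes in the external environment, and provide industry with a reference for improving corporate information security protection.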

Parallel Abstract


A study on Construction of the Corporate BYOD information security risks guideline
Author: Yi-Tang Lee
Advisors: Dr. Cheng-Yuan Ku, Wei-Hsi Hung

Nowadays, the consumerization of IT has pushed forward a massive upsurge in BYOD (Bring Your Own Device). For the management of business organizations, in order to make the trend of BYOD an external competitive advantage and help decision makers achieve business goals, it is a priority to evaluate the information security risks of BYOD. Designing a “BYOD Information Security Management System (ISMS)” therefore becomes an important step. Aiming at academic databases and websites of ISMS, this study was mainly designed to conduct literature reviews with keywords related to information security risks and threats of BYOD. The researcher collected and organized different aspects of information security risks, integrated them, and proposed both initial dimensions and norms. Based on the Delphi method, the researcher reviewed and corrected them to ensure accuracy and validity. Lastly, the weighting of the dimensions and modes was determined on the basis of AHP, and, according to the results, the researcher conducted in-depth interviews to explain the profound implications of the categorization and arrangement, with the aim of reaching practical conclusions.

The results showed that, in terms of the dimensions, business organizations share a consensus in placing high importance on technical risk management of both mobile application security and communication security. They intend to establish compliance security norms according to the dimensions of privacy and physical security, which regard protecting the privacy of labor and management as a priority. “Compatibility security” and “costs and productivity” are both ranked later in the risk ranking. All of this suggests that, from the view of business organizations, the compatibility of software and hardware is solvable, and they do not refuse to adopt BYOD because of the costs of management; instead, they are more likely to control immediate risks aimed at certain aspects of threats in information security so as to reinforce the cohesion and productivity of employees. In the highly competitive and mature environment of mobile technology, this study is expected to help industries and organizations handle external challenges with the proposed BYOD management system, in the hope of offering business organizations reference material for improving business information security.

Keywords: BYOD, information security, mobile device, AHP, IT consumerization
