[摘要] Allowing employees to use their personal devices to perform official and private tasks through computing strategy known as bring your own device (BYOD) portends numerous benefits and security risks. The risks could propagate to enterprise information systems through some risk factors. Realistically, organisations anticipated the risks by implementing arrays of countermeasures. However, the characteristics that defined the relationships between the risk factors and the technical security controls are yet to be established. In order to evolve the features, this study conducted content analysis on some literatures which were selected through criteria developed for the research. Thereafter, the exploration revealed five characteristics that cut across risk factors, technical controls and the relationships between the former and the latter. Precisely, the derived characteristics are crucial toward achieving realistic risk evaluation process in BYOD strategy. Furthermore, the study opened more research directions as the risks circumscribing the strategy continue to emerge as global security challenge to vital information assets.