{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,28]],"date-time":"2025-03-28T00:39:43Z","timestamp":1743122383205,"version":"3.40.3"},"publisher-location":"Cham","reference-count":27,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783030223113"},{"type":"electronic","value":"9783030223120"}],"license":[{"start":{"date-parts":[[2019,1,1]],"date-time":"2019-01-01T00:00:00Z","timestamp":1546300800000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2019,1,1]],"date-time":"2019-01-01T00:00:00Z","timestamp":1546300800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2019]]},"DOI":"10.1007\/978-3-030-22312-0_16","type":"book-chapter","created":{"date-parts":[[2019,6,16]],"date-time":"2019-06-16T23:02:48Z","timestamp":1560726168000},"page":"223-237","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":4,"title":["A Structured Comparison of the Corporate Information Security Maturity Level"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-3534-313X","authenticated-orcid":false,"given":"Michael","family":"Schmid","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-0893-7856","authenticated-orcid":false,"given":"Sebastian","family":"Pape","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2019,6,5]]},"reference":[{"issue":"2","key":"16_CR1","doi-asserted-by":"publisher","first-page":"106","DOI":"10.14445\/22312803\/IJCTT-V41P119","volume":"41","author":"RK Abbas Ahmed","year":"2016","unstructured":"Abbas Ahmed, R.K.: Security metrics and the risks: an overview. Int. J. Comput. Trends Technol. 41(2), 106\u2013112 (2016)","journal-title":"Int. J. Comput. Trends Technol."},{"issue":"11","key":"16_CR2","first-page":"14","volume":"3","author":"AAN Al-Shameri","year":"2017","unstructured":"Al-Shameri, A.A.N.: Hierarchical multilevel information security gap analysis models based on ISO 27001: 2013. Int. J. Sci. Res. Multidisc. Stud. 3(11), 14\u201323 (2017)","journal-title":"Int. J. Sci. Res. Multidisc. Stud."},{"key":"16_CR3","doi-asserted-by":"publisher","first-page":"265","DOI":"10.1007\/978-3-642-39498-0_12","volume-title":"The Economics of Information Security and Privacy","author":"R Anderson","year":"2013","unstructured":"Anderson, R., et al.: Measuring the cost of cybercrime. In: B\u00f6hme, R. (ed.) The Economics of Information Security and Privacy, pp. 265\u2013300. Springer, Heidelberg (2013). https:\/\/doi.org\/10.1007\/978-3-642-39498-0_12"},{"key":"16_CR4","first-page":"1","volume":"6","author":"CW Axelrod","year":"2008","unstructured":"Axelrod, C.W.: Accounting for value and uncertainty in security metrics. Inf. Syst. Control J. 6, 1\u20136 (2008)","journal-title":"Inf. Syst. Control J."},{"issue":"2","key":"16_CR5","doi-asserted-by":"publisher","first-page":"78","DOI":"10.1145\/1042091.1042094","volume":"48","author":"LD Bodin","year":"2005","unstructured":"Bodin, L.D., Gordon, L.A., Loeb, M.P.: Evaluating information security investments using the analytic hierarchy process. Commun. ACM 48(2), 78\u201383 (2005)","journal-title":"Commun. ACM"},{"key":"16_CR6","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"10","DOI":"10.1007\/978-3-642-16825-3_2","volume-title":"Advances in Information and Computer Security","author":"R B\u00f6hme","year":"2010","unstructured":"B\u00f6hme, R.: Security metrics and security investment models. In: Echizen, I., Kunihiro, N., Sasaki, R. (eds.) IWSEC 2010. LNCS, vol. 6434, pp. 10\u201324. Springer, Heidelberg (2010). https:\/\/doi.org\/10.1007\/978-3-642-16825-3_2"},{"key":"16_CR7","unstructured":"Choo, K.K., Mubarak, S., Mani, D., et al.: Selection of information security controls based on AHP and GRA. In: Pacific Asia Conference on Information Systems, vol. 1, no. Mcdm, pp. 1\u201312 (2014)"},{"key":"16_CR8","doi-asserted-by":"publisher","first-page":"415","DOI":"10.1007\/978-3-662-09668-0","volume-title":"Rationales Entscheiden","author":"F Eisenf\u00fchr","year":"2003","unstructured":"Eisenf\u00fchr, F., Weber, M.: Rationales Entscheiden, p. 415. Springer, Heidelberg (2003). https:\/\/doi.org\/10.1007\/978-3-662-09668-0"},{"issue":"4","key":"16_CR9","doi-asserted-by":"publisher","first-page":"438","DOI":"10.1145\/581271.581274","volume":"5","author":"LA Gordon","year":"2002","unstructured":"Gordon, L.A., Loeb, M.P.: The economics of information security investment. ACM Trans. Inf. Syst. Secur. 5(4), 438\u2013457 (2002)","journal-title":"ACM Trans. Inf. Syst. Secur."},{"key":"16_CR10","unstructured":"Haufe, K.: Maturity based approach for ISMS. Ph.D. thesis, University Madrid (2017)"},{"issue":"11","key":"16_CR11","first-page":"14336","volume":"38","author":"A Ishizaka","year":"2011","unstructured":"Ishizaka, A., Labib, A.: Review of the main developments in the analytic hierarchy process. Expert Syst. Appl. 38(11), 14336\u201314345 (2011)","journal-title":"Expert Syst. Appl."},{"key":"16_CR12","unstructured":"ISO\/IEC 27001: Information Technology\u2014Security Techniques\u2014Information Security Management Systems\u2014Requirements. International Organization for Standardization (2013)"},{"issue":"1","key":"16_CR13","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/s10257-016-0306-y","volume":"15","author":"H Khajouei","year":"2017","unstructured":"Khajouei, H., Kazemi, M., Moosavirad, S.H.: Ranking information security controls by using fuzzy analytic hierarchy process. Inf. Syst. e-Bus. Manag. 15(1), 1\u201319 (2017)","journal-title":"Inf. Syst. e-Bus. Manag."},{"issue":"4","key":"16_CR14","first-page":"277","volume":"18","author":"NT Le","year":"2017","unstructured":"Le, N.T., Hoang, D.B.: Capability maturity model and metrics framework for cyber cloud security. Scalable Comput.: Pract. Exp. 18(4), 277\u2013290 (2017)","journal-title":"Scalable Comput.: Pract. Exp."},{"issue":"February","key":"16_CR15","first-page":"29","volume":"6","author":"MC Lee","year":"2014","unstructured":"Lee, M.C.: Information security risk analysis methods and research trends: AHP and fuzzy comprehensive method. Int. J. Comput. Sci. Inf. Technol. (IJCSIT) 6(February), 29\u201345 (2014)","journal-title":"Int. J. Comput. Sci. Inf. Technol. (IJCSIT)"},{"key":"16_CR16","doi-asserted-by":"crossref","unstructured":"Liu, D.L., Yang, S.S.: An information system security risk assessment model based on fuzzy analytic hierarchy process. In: 2009 International Conference on E-Business and Information System Security, pp. 1\u20134 (2009)","DOI":"10.1109\/EBISS.2009.5137926"},{"key":"16_CR17","doi-asserted-by":"publisher","DOI":"10.1007\/978-981-4560-73-3","volume-title":"Impact of Urbanization on Water Shortage in Face of Climatic Aberrations","author":"M Majumder","year":"2015","unstructured":"Majumder, M.: Impact of Urbanization on Water Shortage in Face of Climatic Aberrations. Springer, Singapore (2015). https:\/\/doi.org\/10.1007\/978-981-4560-73-3"},{"issue":"11","key":"16_CR18","doi-asserted-by":"publisher","first-page":"1197","DOI":"10.1023\/A:1005700314298","volume":"17","author":"I Millet","year":"1998","unstructured":"Millet, I.: Ethical decision making using the analytic hierarchy process. J. Bus. Ethics 17(11), 1197\u20131204 (1998)","journal-title":"J. Bus. Ethics"},{"key":"16_CR19","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-33861-3","volume-title":"Pratical Decision Making: An Introduction to the Analytic Hierarchy Process (AHP) Using Super Decisions (v2)","author":"E Mu","year":"2017","unstructured":"Mu, E., Pereyra-Rojas, M.: Pratical Decision Making: An Introduction to the Analytic Hierarchy Process (AHP) Using Super Decisions (v2). Springer, Heidelberg (2017). https:\/\/doi.org\/10.1007\/978-3-319-33861-3"},{"issue":"April","key":"16_CR20","first-page":"10","volume":"4","author":"AA Nasser","year":"2018","unstructured":"Nasser, A.A.: Measuring the information security maturity of enterprises under uncertainty using fuzzy AHP. Int. J. Inf. Technol. Comput. Sci. 4(April), 10\u201325 (2018)","journal-title":"Int. J. Inf. Technol. Comput. Sci."},{"key":"16_CR21","unstructured":"Peters, M.L., Zelewski, S.: Analytical Hierarchy Process (AHP) \u2013 dargestellt am Beispiel der Auswahl von Projektmanagement-Software zum Multiprojektmanagement. Institut f\u00fcr Produktion und Industrielles Informationsmanagement (2002)"},{"key":"16_CR22","unstructured":"Rudolph, M., Schwarz, R.: Security indicators \u2013 a state of the art survey public report. FhG IESE VII(043) (2012)"},{"key":"16_CR23","doi-asserted-by":"publisher","DOI":"10.1007\/0-387-33987-6","volume-title":"Decision Making with the Analytic Network Process: Economic, Political, Social and Technological Applications with Benefits, Opportunities, Costs and Risks","author":"TL Saaty","year":"2006","unstructured":"Saaty, T.L., Vargas, L.G.: Decision Making with the Analytic Network Process: Economic, Political, Social and Technological Applications with Benefits, Opportunities, Costs and Risks. Springer, Heidelberg (2006). https:\/\/doi.org\/10.1007\/0-387-33987-6"},{"key":"16_CR24","doi-asserted-by":"publisher","DOI":"10.1007\/978-1-4614-3597-6","volume-title":"Models, Methods, Concepts & Applications of the Analytic Hierarchy Process","author":"TL Saaty","year":"2012","unstructured":"Saaty, T.L., Vargas, L.G.: Models, Methods, Concepts & Applications of the Analytic Hierarchy Process, vol. 175. Springer, Heidelberg (2012). https:\/\/doi.org\/10.1007\/978-1-4614-3597-6"},{"issue":"4","key":"16_CR25","first-page":"46","volume":"10","author":"I Syamsuddin","year":"2009","unstructured":"Syamsuddin, I., Hwang, J.: The application of AHP to evaluate information security policy decision making. Int. J. Simul.: Syst. Sci. Technol. 10(4), 46\u201350 (2009)","journal-title":"Int. J. Simul.: Syst. Sci. Technol."},{"key":"16_CR26","doi-asserted-by":"crossref","unstructured":"Vaughn, R.B., Henning, R., Siraj, A.: Information assurance measures and metrics - state of practice and proposed taxonomy. In: Proceedings of the 36th Annual Hawaii International Conference on System Sciences, HICSS 2003 (2003)","DOI":"10.1109\/HICSS.2003.1174904"},{"issue":"November","key":"16_CR27","first-page":"60","volume":"14.3","author":"L Watkins","year":"2015","unstructured":"Watkins, L.: Cyber maturity as measured by scientific-based risk metrics. J. Inf. Walfare 14.3(November), 60\u201369 (2015)","journal-title":"J. Inf. Walfare"}],"container-title":["IFIP Advances in Information and Communication Technology","ICT Systems Security and Privacy Protection"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-22312-0_16","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,3,12]],"date-time":"2024-03-12T15:36:20Z","timestamp":1710257780000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-030-22312-0_16"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019]]},"ISBN":["9783030223113","9783030223120"],"references-count":27,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-22312-0_16","relation":{},"ISSN":["1868-4238","1868-422X"],"issn-type":[{"type":"print","value":"1868-4238"},{"type":"electronic","value":"1868-422X"}],"subject":[],"published":{"date-parts":[[2019]]},"assertion":[{"value":"5 June 2019","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"SEC","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"IFIP International Conference on ICT Systems Security and Privacy Protection","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Lisbon","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Portugal","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2019","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"25 June 2019","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"27 June 2019","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"34","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"sec2019","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/www.ifipsec.org\/2019\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Double-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"EasyChair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"76","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"26","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"34% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"This content has been made available to all.","name":"free","label":"Free to read"}]}}