{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,10]],"date-time":"2024-09-10T12:28:55Z","timestamp":1725971335671},"publisher-location":"Cham","reference-count":28,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783319778174"},{"type":"electronic","value":"9783319778181"}],"license":[{"start":{"date-parts":[[2018,1,1]],"date-time":"2018-01-01T00:00:00Z","timestamp":1514764800000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2018]]},"DOI":"10.1007\/978-3-319-77818-1_2","type":"book-chapter","created":{"date-parts":[[2018,3,15]],"date-time":"2018-03-15T11:23:36Z","timestamp":1521113016000},"page":"14-24","update-policy":"http:\/\/dx.doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["A Context Adaptive Framework for IT Governance, Risk, Compliance and Security"],"prefix":"10.1007","author":[{"given":"Shree","family":"Govindji","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Gabrielle","family":"Peko","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"David","family":"Sundaram","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2018,3,16]]},"reference":[{"key":"2_CR1","unstructured":"IBM: SAP Security and GRC Services (2015). https:\/\/www-01.ibm.com\/common\/ssi\/cgi-bin\/ssialias?htmlfid=SES03016USEN"},{"key":"2_CR2","unstructured":"ISACA: The Risk IT Framework \u2013 Excerpt (2009). http:\/\/www.isaca.org\/knowledge-center\/research\/documents\/risk-it-framework-excerpt_fmk_eng_0109.pdf"},{"key":"2_CR3","doi-asserted-by":"crossref","unstructured":"De Smet, D., Mayer, N.: Integration of IT governance and security risk management\u202f: a systematic literature review, no. 1, pp. 143\u2013148 (2016)","DOI":"10.1109\/i-Society.2016.7854200"},{"key":"2_CR4","unstructured":"Racz, N., Seufert, A., Weippl, E.: A process model for integrated IT governance, risk, and compliance management. In: Proceedings of the Ninth Baltic Conference on Databases and Information Systems (DB&IS 2010), p. 155 (2010)"},{"key":"2_CR5","unstructured":"Kuppinger, M.: IT GRC and IT Security - Where is the link? (2010). https:\/\/www.kuppingercole.com\/blog\/kuppinger\/grc_it_security_link180210"},{"key":"2_CR6","doi-asserted-by":"crossref","unstructured":"Vicente, P., Da Silva, M.M.: A business viewpoint for integrated IT governance, risk and compliance. In: 2011 IEEE World Congress on Services, pp. 422\u2013428 (2011)","DOI":"10.1109\/SERVICES.2011.62"},{"key":"2_CR7","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"106","DOI":"10.1007\/978-3-642-13241-4_11","volume-title":"Communications and Multimedia Security","author":"N Racz","year":"2010","unstructured":"Racz, N., Weippl, E., Seufert, A.: A frame of reference for research of integrated governance, risk and compliance (GRC). In: De Decker, B., Schaum\u00fcller-Bichl, I. (eds.) CMS 2010. LNCS, vol. 6109, pp. 106\u2013117. Springer, Heidelberg (2010). https:\/\/doi.org\/10.1007\/978-3-642-13241-4_11"},{"key":"2_CR8","doi-asserted-by":"publisher","first-page":"305","DOI":"10.1057\/978-1-137-59442-6_14","volume-title":"Commercial Banking Risk Management","author":"J Recor","year":"2017","unstructured":"Recor, J., Xu, H.: GRC technology introduction. In: Tian, W. (ed.) Commercial Banking Risk Management, pp. 305\u2013331. Palgrave Macmillan US, New York (2017). https:\/\/doi.org\/10.1057\/978-1-137-59442-6_14"},{"key":"2_CR9","unstructured":"Racz, N., Weippl, E., Seufert, A.: Governance, risk & compliance (GRC) software \u2013 an exploratory study of software vendor and market research perspectives, pp. 1\u201310 (2011)"},{"key":"2_CR10","unstructured":"Smith, R.: Seven things you need to know about IT controls. SOX Committee Integration Consortium (2004). www.integrationconsortium.org"},{"key":"2_CR11","unstructured":"COSO (2004). https:\/\/www.coso.org\/documents\/COSOBoardsERM4pager-FINALRELEASEVERSION82409_001.pdf"},{"key":"2_CR12","unstructured":"Fowler-Rians, K.: Determinants of federal regulation compliance: a study of the employee trip reduction program. Unpublished Doctoral Dissertation, University of Houston (1997)"},{"issue":"8","key":"2_CR13","first-page":"20","volume":"90","author":"ML Frigo","year":"2009","unstructured":"Frigo, M.L., Anderson, R.J.: A strategic framework for governance, risk, and compliance. Strateg. Financ. 90(8), 20\u201361 (2009)","journal-title":"Strateg. Financ."},{"key":"2_CR14","unstructured":"Rasmussen, M.: Value of a Common Architecture for GRC Platforms Business Burdened by Varying Risk & Value of a Common, pp. 1\u20138 (2010)"},{"key":"2_CR15","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"152","DOI":"10.1007\/978-3-642-23082-0_6","volume-title":"Foundations of Security Analysis and Design VI","author":"Y Asnar","year":"2011","unstructured":"Asnar, Y., Massacci, F.: A method for security governance, risk, and compliance (GRC): a goal-process approach. In: Aldini, A., Gorrieri, R. (eds.) FOSAD 2011. LNCS, vol. 6858, pp. 152\u2013184. Springer, Heidelberg (2011). https:\/\/doi.org\/10.1007\/978-3-642-23082-0_6"},{"key":"2_CR16","unstructured":"Rashid, F.: How to Leverage GRC for Security (2013). http:\/\/www.bankinfosecurity.com\/how-to-leverage-grc-for-security-a-6164"},{"key":"2_CR17","unstructured":"Anand, S.: Technology and the Integration of Governance, pp. 57\u201359, December 2010"},{"key":"2_CR18","unstructured":"AMR Research: November 2009 GRC in 2010\u202f: $ 29.8B in Spending Sparked by Risk, Visibility, and Efficiency (2010)"},{"issue":"12","key":"2_CR19","first-page":"26","volume":"45","author":"J Linkous","year":"2008","unstructured":"Linkous, J.: Put the \u201ci\u201d in IT compliance. Commun. News 45(12), 26 (2008)","journal-title":"Commun. News"},{"key":"2_CR20","doi-asserted-by":"crossref","unstructured":"Ekelhart, A., Fenz, S., Klemen, M., Weippl, E.: Security ontologies: improving quantitative risk analysis. In: Proceedings of the Annual Hawaii International Conference on System Sciences, pp. 1\u20137 (2007)","DOI":"10.1109\/HICSS.2007.478"},{"issue":"1","key":"2_CR21","doi-asserted-by":"crossref","first-page":"77","DOI":"10.1201\/1078\/44912.22.1.20051201\/85741.9","volume":"22","author":"M Damianides","year":"2005","unstructured":"Damianides, M.: Sarbanes-Oxley and it governance: new guidance on it control and compliance. Inf. Syst. Manag. 22(1), 77\u201385 (2005)","journal-title":"Inf. Syst. Manag."},{"key":"2_CR22","doi-asserted-by":"crossref","unstructured":"Grob, H.L., Strauch, G., Buddendick, C.: Applications for IT-risk management \u2013 requirements and practical evaluation, pp. 758\u2013764 (2008)","DOI":"10.1109\/ARES.2008.168"},{"key":"2_CR23","doi-asserted-by":"crossref","first-page":"143","DOI":"10.1016\/j.apergo.2006.03.010","volume":"38","author":"S Kraemer","year":"2007","unstructured":"Kraemer, S., Carayon, P.: Human errors and violations in computer and information security: the viewpoint of network administrators and security specialists. Appl. Ergon. 38, 143\u2013154 (2007)","journal-title":"Appl. Ergon."},{"issue":"3","key":"2_CR24","doi-asserted-by":"crossref","first-page":"345","DOI":"10.1108\/02635570610653498","volume":"106","author":"SE Chang","year":"2006","unstructured":"Chang, S.E., Ho, C.B.: Organizational factors to the effectiveness of implementing Information security management. Ind. Manag. Data Syst. 106(3), 345\u2013361 (2006)","journal-title":"Ind. Manag. Data Syst."},{"key":"2_CR25","doi-asserted-by":"crossref","first-page":"139","DOI":"10.1016\/S0268-4012(02)00105-6","volume":"23","author":"A Kankanhalli","year":"2003","unstructured":"Kankanhalli, A., Teo, H.-H., Tan, B.C., Wei, K.-K.: An integrative study of information systems security effectiveness. Int. J. Inf. Manag. 23, 139\u2013154 (2003)","journal-title":"Int. J. Inf. Manag."},{"issue":"1","key":"2_CR26","doi-asserted-by":"crossref","first-page":"4","DOI":"10.1108\/09685220910944722","volume":"17","author":"R Werlinger","year":"2009","unstructured":"Werlinger, R., Hawkey, K., Beznosov, K.: An integrated view of human, organizational, and technological challenges of IT security management. Inf. Manag. Comput. Secur. 17(1), 4\u201319 (2009)","journal-title":"Inf. Manag. Comput. Secur."},{"issue":"4","key":"2_CR27","doi-asserted-by":"crossref","first-page":"361","DOI":"10.1080\/10580530701586136","volume":"24","author":"A Veiga Da","year":"2007","unstructured":"Da Veiga, A., Eloff, J.: An information security governance framework. Inf. Syst. Manag. 24(4), 361\u2013372 (2007)","journal-title":"Inf. Syst. Manag."},{"issue":"3","key":"2_CR28","doi-asserted-by":"crossref","first-page":"134","DOI":"10.2307\/41166497","volume":"51","author":"M Parent","year":"2009","unstructured":"Parent, M., Reich, B.: Governing information technology risk. Calif. Manag. Rev. 51(3), 134\u2013152 (2009)","journal-title":"Calif. Manag. Rev."}],"container-title":["Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering","Context-Aware Systems and Applications, and Nature of Computation and Communication"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-77818-1_2","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,10,12]],"date-time":"2019-10-12T19:40:55Z","timestamp":1570909255000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-77818-1_2"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018]]},"ISBN":["9783319778174","9783319778181"],"references-count":28,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-77818-1_2","relation":{},"ISSN":["1867-8211","1867-822X"],"issn-type":[{"type":"print","value":"1867-8211"},{"type":"electronic","value":"1867-822X"}],"subject":[],"published":{"date-parts":[[2018]]}}}