{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,5]],"date-time":"2026-05-05T01:47:00Z","timestamp":1777945620785,"version":"3.51.4"},"publisher-location":"Berlin, Heidelberg","reference-count":39,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"value":"9783642366109","type":"print"},{"value":"9783642366116","type":"electronic"}],"license":[{"start":{"date-parts":[[2013,1,1]],"date-time":"2013-01-01T00:00:00Z","timestamp":1356998400000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2013]]},"DOI":"10.1007\/978-3-642-36611-6_18","type":"book-chapter","created":{"date-parts":[[2013,1,29]],"date-time":"2013-01-29T20:00:56Z","timestamp":1359489656000},"page":"206-214","source":"Crossref","is-referenced-by-count":1,"title":["Enterprise Information Systems Security: A Case Study in the Banking Sector"],"prefix":"10.1007","author":[{"given":"Peggy E.","family":"Chaudhry","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Sohail S.","family":"Chaudhry","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Kevin D.","family":"Clark","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Darryl S.","family":"Jones","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","reference":[{"issue":"4","key":"18_CR1","first-page":"121","volume":"76","author":"T. Davenport","year":"1998","unstructured":"Davenport, T.: Putting the Enterprise into the Enterprise System. Harvard Business Review\u00a076(4), 121\u2013131 (1998)","journal-title":"Harvard Business Review"},{"key":"18_CR2","unstructured":"Sherr, I.: Sony Faces Lawsuit Over PlayStation Network Breach (April 28, 2011), \n                    \n                      http:\/\/online.wsj.com\/article\/BT-CO-20110428-720452.html\n                    \n                    \n                   (accessed on April 30, 2011)"},{"key":"18_CR3","unstructured":"Cyber-Ark Snooping Survey (April 2011), \n                    \n                      http:\/\/www.cyber-ark.com\/downloads\/pdf\/2011-Snooping-Survey-data.pdf\n                    \n                    \n                   (accessed on April 30, 2011)"},{"issue":"2","key":"18_CR4","doi-asserted-by":"publisher","first-page":"151","DOI":"10.1057\/ejis.2009.8","volume":"18","author":"S. Boss","year":"2009","unstructured":"Boss, S., Kirsch, L., Angermeier, I., Shingler, R., Boss, R.: If Someone is Watching, I\u2019ll Do What I\u2019m Asked: Mandatoriness, Control, and Information Security. European Journal of Information Systems\u00a018(2), 151\u2013164 (2009)","journal-title":"European Journal of Information Systems"},{"issue":"2","key":"18_CR5","doi-asserted-by":"publisher","first-page":"7","DOI":"10.1201\/1078\/45099.22.2.20050301\/87273.2","volume":"22","author":"S. Keller","year":"2005","unstructured":"Keller, S., Powell, A., Horstmann, B., Predmore, C., Crawford, C.: Information Security Threats and Practices in Small Businesses. Information Systems Management\u00a022(2), 7\u201319 (2005)","journal-title":"Information Systems Management"},{"issue":"1","key":"18_CR6","doi-asserted-by":"publisher","first-page":"2","DOI":"10.1080\/10580530802384639","volume":"26","author":"M. Sumner","year":"2009","unstructured":"Sumner, M.: Information Security Threats: A Comparative Analysis of Impact, Probability, and Preparedness. Information Systems Management\u00a026(1), 2\u201312 (2009)","journal-title":"Information Systems Management"},{"key":"18_CR7","unstructured":"Walsh, K.: The ERP Security Challenge (January 8, 2008), \n                    \n                      http:\/\/www.cio.com\/article\/216940\/The_ERP_Security_Challenge\n                    \n                    \n                   (accessed on April 30, 2011)"},{"issue":"3","key":"18_CR8","doi-asserted-by":"publisher","first-page":"303","DOI":"10.1057\/palgrave.ejis.3000537","volume":"14","author":"M.T. Siponen","year":"2005","unstructured":"Siponen, M.T.: An Analysis of the Traditional IS Security Approaches: Implications for Research and Practice. European Journal of Information Systems\u00a014(3), 303\u2013315 (2005)","journal-title":"European Journal of Information Systems"},{"issue":"2","key":"18_CR9","doi-asserted-by":"publisher","first-page":"106","DOI":"10.1057\/ejis.2009.6","volume":"18","author":"T. Herath","year":"2009","unstructured":"Herath, T., Rao, H.R.: Protection Motivation and Deterrence: A Framework for Security Policy Compliance in Organisations. European Journal of Information Systems\u00a018(2), 106\u2013125 (2009)","journal-title":"European Journal of Information Systems"},{"issue":"3","key":"18_CR10","doi-asserted-by":"publisher","first-page":"191","DOI":"10.1016\/j.cose.2004.01.012","volume":"23","author":"C. Vroom","year":"2004","unstructured":"Vroom, C., von Solms, R.: Towards Information Security Behavioural Compliance. Computers & Security\u00a023(3), 191\u2013198 (2004)","journal-title":"Computers & Security"},{"issue":"2","key":"18_CR11","doi-asserted-by":"publisher","first-page":"139","DOI":"10.1016\/S0268-4012(02)00105-6","volume":"23","author":"A. Kankanhalli","year":"2003","unstructured":"Kankanhalli, A., Teo, H.H., Tan, B.C.Y., Wei, K.K.: An Integrative Study of Information Systems Security Effectiveness. International Journal of Information Management\u00a023(2), 139\u2013154 (2003)","journal-title":"International Journal of Information Management"},{"issue":"3","key":"18_CR12","first-page":"20","volume":"41","author":"N. Swartz","year":"2007","unstructured":"Swartz, N.: Protecting Information from Insiders. Information Management Journal\u00a041(3), 20\u201324 (2007)","journal-title":"Information Management Journal"},{"issue":"5","key":"18_CR13","doi-asserted-by":"publisher","first-page":"528","DOI":"10.1057\/ejis.2008.42","volume":"17","author":"F. D\u2019aubeterre","year":"2008","unstructured":"D\u2019aubeterre, F., Singh, R., Iyer, L.: Secure Activity Resource Coordination: Empirical Evidence of Enhanced Security Awareness in Designing Secure Business Processes. European Journal of Information Systems\u00a017(5), 528\u2013542 (2008)","journal-title":"European Journal of Information Systems"},{"issue":"7","key":"18_CR14","doi-asserted-by":"publisher","first-page":"493","DOI":"10.1016\/j.cose.2009.07.001","volume":"28","author":"K. Knapp","year":"2009","unstructured":"Knapp, K., Morris, R., Marshall, T., Byrd, T.: Information Security Policy: An Organizational-Level Process Model. Computers & Security\u00a028(7), 493\u2013508 (2009)","journal-title":"Computers & Security"},{"issue":"5","key":"18_CR15","doi-asserted-by":"publisher","first-page":"246","DOI":"10.1080\/10658980701744861","volume":"16","author":"A.W. Kadam","year":"2007","unstructured":"Kadam, A.W.: Information Security Policy Development and Implementation. Information Systems Security\u00a016(5), 246\u2013256 (2007)","journal-title":"Information Systems Security"},{"issue":"2","key":"18_CR16","doi-asserted-by":"publisher","first-page":"126","DOI":"10.1057\/ejis.2009.10","volume":"18","author":"L. Myyry","year":"2009","unstructured":"Myyry, L., Siponen, M., Pahnila, S., Vartiainen, T., Vance, A.: What Levels of Moral Reasoning and Values Explain Adherence to Information Security Rules? An Empirical Study. European Journal of Information Systems\u00a018(2), 126\u2013139 (2009)","journal-title":"European Journal of Information Systems"},{"issue":"4","key":"18_CR17","doi-asserted-by":"publisher","first-page":"377","DOI":"10.1108\/09685220810908796","volume":"16","author":"J.M. Hagen","year":"2008","unstructured":"Hagen, J.M., Albrechtsen, E., Hovden, J.: Implementation and Effectiveness of Organizational Information Security Measures. Information Management & Computer Security\u00a016(4), 377\u2013397 (2008)","journal-title":"Information Management & Computer Security"},{"issue":"4","key":"18_CR18","doi-asserted-by":"publisher","first-page":"343","DOI":"10.1108\/09685220610690817","volume":"14","author":"A.J.T. Chang","year":"2006","unstructured":"Chang, A.J.T., Yeh, Q.J.: On Security Preparations against Possible IS Threats across Industries. Information Management & Computer Security\u00a014(4), 343\u2013360 (2006)","journal-title":"Information Management & Computer Security"},{"key":"18_CR19","doi-asserted-by":"publisher","first-page":"296","DOI":"10.1016\/j.im.2011.07.002","volume":"48","author":"J. Son","year":"2011","unstructured":"Son, J.: Out of Fear or Desire? Toward a Better Understanding of Employees\u2019 Motivation to follow IS Security Policies. Information and Management\u00a048, 296\u2013302 (2011)","journal-title":"Information and Management"},{"key":"18_CR20","doi-asserted-by":"publisher","first-page":"152","DOI":"10.1080\/10658980701401959","volume":"16","author":"W. She","year":"2007","unstructured":"She, W., Thuraisingham, B.: Security for Enterprise Resource Planning Systems. Information Systems Security\u00a016, 152\u2013163 (2007)","journal-title":"Information Systems Security"},{"key":"18_CR21","unstructured":"Sandhu, R., Cope, E.J., Feinstein, H.L., Youman, C.E.: Role Based Access Control Models. IEEE (1996) 0018-9162"},{"issue":"4","key":"18_CR22","doi-asserted-by":"publisher","first-page":"341","DOI":"10.1080\/17517570802442063","volume":"2","author":"M. Sinderen","year":"2008","unstructured":"Sinderen, M.: Challenges and Solutions in Enterprise Computing. Enterprise Information Systems\u00a02(4), 341\u2013346 (2008)","journal-title":"Enterprise Information Systems"},{"issue":"2","key":"18_CR23","doi-asserted-by":"publisher","first-page":"215","DOI":"10.1080\/17517571003754561","volume":"4","author":"J.W. Wang","year":"2010","unstructured":"Wang, J.W., Gao, F., Ip, W.H.: Measurement of Resilience and its Application to Enterprise Information Systems. Enterprise Information Systems\u00a04(2), 215\u2013223 (2010)","journal-title":"Enterprise Information Systems"},{"issue":"6","key":"18_CR24","doi-asserted-by":"publisher","first-page":"408","DOI":"10.1016\/j.cose.2006.07.005","volume":"25","author":"R. Solms von","year":"2006","unstructured":"von Solms, R., von Solms, S.H.B.: Information Security Governance: A Model based on the Direct-Control Cycle. Computers & Security\u00a025(6), 408\u2013412 (2006)","journal-title":"Computers & Security"},{"issue":"2","key":"18_CR25","doi-asserted-by":"publisher","first-page":"99","DOI":"10.1016\/S0167-4048(03)00205-0","volume":"22","author":"K. Doughty","year":"2003","unstructured":"Doughty, K.: Implementing Enterprise Security: A Case Study. Computers & Security\u00a022(2), 99\u2013114 (2003)","journal-title":"Computers & Security"},{"key":"18_CR26","doi-asserted-by":"publisher","first-page":"114","DOI":"10.1080\/10658980601051706","volume":"16","author":"R.P. Tracey","year":"2007","unstructured":"Tracey, R.P.: IT Security Management and Business Process Automation: Challenges, Approaches, and Rewards. Information Systems Security\u00a016, 114\u2013122 (2007)","journal-title":"Information Systems Security"},{"issue":"4","key":"18_CR27","doi-asserted-by":"publisher","first-page":"361","DOI":"10.1080\/10580530701586136","volume":"24","author":"A. Veiga Da","year":"2007","unstructured":"Da Veiga, A., Eloff, J.: An Information Security Governance Framework. Information Systems Management\u00a024(4), 361\u2013372 (2007)","journal-title":"Information Systems Management"},{"issue":"2","key":"18_CR28","first-page":"26","volume":"46","author":"P. Weill","year":"2005","unstructured":"Weill, P., Ross, J.: A Matrixed Approach to Designing IT Governance. Sloan Management Review\u00a046(2), 26\u201334 (2005)","journal-title":"Sloan Management Review"},{"key":"18_CR29","doi-asserted-by":"publisher","first-page":"443","DOI":"10.1016\/j.cose.2005.07.003","volume":"24","author":"S.H.B. Solms von","year":"2005","unstructured":"von Solms, S.H.B.: Information Security Governance: Compliance Management vs. Operational Management. Computers & Security\u00a024, 443\u2013447 (2005)","journal-title":"Operational Management. Computers & Security"},{"issue":"3","key":"18_CR30","first-page":"49","volume":"14","author":"B. Khoo","year":"2010","unstructured":"Khoo, B., Harris, P., Hartman, S.: Information Security Governance of Enterprise Information Systems: An Approach to Legislative Compliant. International Journal of Management and Information Systems\u00a014(3), 49\u201355 (2010)","journal-title":"International Journal of Management and Information Systems"},{"key":"18_CR31","volume-title":"Information Security Policies, Procedures, and Standards: Guidelines for Effective Security Management","author":"T.R. Peltier","year":"2002","unstructured":"Peltier, T.R.: Information Security Policies, Procedures, and Standards: Guidelines for Effective Security Management. Auerbach Publications, Florida (2002)"},{"issue":"3","key":"18_CR32","doi-asserted-by":"publisher","first-page":"319","DOI":"10.1007\/s10922-010-9180-y","volume":"19","author":"A. Sengupta","year":"2011","unstructured":"Sengupta, A., Mazumdar, C., Bagchi, A.: A Formal Methodology for Detecting Managerial Vulnerabilities and Threats in an Enterprise Information System. Journal of Network System Management\u00a019(3), 319\u2013342 (2011)","journal-title":"Journal of Network System Management"},{"key":"18_CR33","series-title":"LNBIP","doi-asserted-by":"publisher","first-page":"118","DOI":"10.1007\/978-3-642-28827-2_9","volume-title":"Re-conceptualizing Enterprise Information Systems","author":"P.E. Chaudhry","year":"2012","unstructured":"Chaudhry, P.E., Chaudhry, S.S., Reese, R., Jones, D.S.: Enterprise Information Systems Security: A Conceptual Framework. In: M\u00f8ller, C., Chaudhry, S. (eds.) CONFENIS 2011. LNBIP, vol.\u00a0105, pp. 118\u2013128. Springer, Heidelberg (2012)"},{"issue":"3","key":"18_CR34","first-page":"243","volume":"3","author":"P. Chaudhry","year":"2011","unstructured":"Chaudhry, P., Chaudhry, S.S., Reese, R.: Developing a Model for Enterprise Information Systems Security. Journal of Academic Research in Economics\u00a03(3), 243\u2013254 (2011)","journal-title":"Journal of Academic Research in Economics"},{"key":"18_CR35","unstructured":"Banking Sector Security, A Report by MWR Labs, \n                    \n                      http:\/\/labs.mwrinfosecurity.com\/assets\/130\/mwri_annual-research-banking-review-2010-08.pdf\n                    \n                    \n                   (accessed on April 24)"},{"key":"18_CR36","unstructured":"About the FFIEC, \n                    \n                      http:\/\/www.ffiec.gov\/about.htm\n                    \n                    \n                   (accessed on April 24, 2012)"},{"key":"18_CR37","unstructured":"Federal Financial Institutions Examination Council, Information Security (2006), \n                    \n                      http:\/\/ithandbook.ffiec.gov\/ITBooklets\/FFIEC_ITBooklet_InformationSecurity.pdf\n                    \n                    \n                   (accessed on April 24, 2012)"},{"key":"18_CR38","unstructured":"FDIC Law, Regulations, Related Acts, \n                    \n                      http:\/\/www.fdic.gov\/regulations\/laws\/rules\/2000-8660.html\n                    \n                    \n                   (accessed on April 24, 2012)"},{"key":"18_CR39","unstructured":"Langin, D.J.: Gramm-Leach-Bliley Security Requirements: Keeping Robbers and Regulators from the Door, \n                    \n                      http:\/\/www.securitymanagement.com\/archive\/library\/gramm_tech0902.pdf\n                    \n                    \n                   (accessed on April 24, 2012)"}],"container-title":["Lecture Notes in Business Information Processing","Enterprise Information Systems of the Future"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-36611-6_18","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,5,20]],"date-time":"2019-05-20T19:07:31Z","timestamp":1558379251000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-642-36611-6_18"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2013]]},"ISBN":["9783642366109","9783642366116"],"references-count":39,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-36611-6_18","relation":{},"ISSN":["1865-1348","1865-1356"],"issn-type":[{"value":"1865-1348","type":"print"},{"value":"1865-1356","type":"electronic"}],"subject":[],"published":{"date-parts":[[2013]]}}}