{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,5]],"date-time":"2024-09-05T19:13:13Z","timestamp":1725563593386},"publisher-location":"Berlin, Heidelberg","reference-count":46,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783642157165"},{"type":"electronic","value":"9783642157172"}],"license":[{"start":{"date-parts":[[2010,1,1]],"date-time":"2010-01-01T00:00:00Z","timestamp":1262304000000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2010]]},"DOI":"10.1007\/978-3-642-15717-2_14","type":"book-chapter","created":{"date-parts":[[2010,9,1]],"date-time":"2010-09-01T13:25:30Z","timestamp":1283347530000},"page":"120-130","source":"Crossref","is-referenced-by-count":0,"title":["Methods of Organizational Information Security"],"prefix":"10.1007","author":[{"given":"Jos\u00e9","family":"Martins","sequence":"first","affiliation":[]},{"given":"Henrique","family":"dos Santos","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"issue":"8","key":"14_CR1","doi-asserted-by":"publisher","first-page":"638","DOI":"10.1016\/j.cose.2004.10.006","volume":"23","author":"S. Posthumus","year":"2004","unstructured":"Posthumus, S., Von Solms, R.: A framework for the governance of information security. Computers & Security\u00a023(8), 638\u2013646 (2004)","journal-title":"Computers & Security"},{"issue":"1","key":"14_CR2","doi-asserted-by":"publisher","first-page":"80","DOI":"10.1145\/1216218.1216224","volume":"38","author":"M. Siponen","year":"2007","unstructured":"Siponen, M., Oinas-Kukkonen, H.: A review of information security issues and respective research contributions. ACM SIGMIS Database\u00a038(1), 80 (2007)","journal-title":"ACM SIGMIS Database"},{"key":"14_CR3","unstructured":"ISO\/IEC27001: Information technology \u2013 Security techniques \u2013 Information Security Management Systems - Requirements (2005)"},{"key":"14_CR4","unstructured":"Richardson, R.: The 13th Annual Computer Crime and Security Survey, Computer Security Institute (2008)"},{"key":"14_CR5","unstructured":"JP3\u201313: Joint Doctrine for Information Operation, United States of America (2006)"},{"key":"14_CR6","unstructured":"FM100-06: Information Operations, Headquarters, Department of the Army, Washington, United States of America(1996)"},{"key":"14_CR7","unstructured":"Kurose, J.F., Ross, K.W.: Computer Networking, Addison Wesley, 4th edn. United States of America (2008)"},{"key":"14_CR8","unstructured":"Waltz, E.: Information Warfare: Principles and Operations. Artech House (1998)"},{"key":"14_CR9","unstructured":"FM3-13: Information Operations: Doctrine, Tactics, Techniques, and Procedures, Headquarters, Department of the Army, Washington, United States of America (2003)"},{"key":"14_CR10","volume-title":"Physical Security for IT","author":"M. Erbschloe","year":"2005","unstructured":"Erbschloe, M.: Physical Security for IT. Elsevier Digital Press, United States of America (2005)"},{"key":"14_CR11","volume-title":"National Defense Policies for Cyber Space \u2013 Background and Effect of the Estonian Cyber Attacks","author":"E. Tikk","year":"2008","unstructured":"Tikk, E.: National Defense Policies for Cyber Space \u2013 Background and Effect of the Estonian Cyber Attacks. Academia Militar, Lisboa (2008)"},{"key":"14_CR12","unstructured":"Tikk, E., et al.: Cyber Attacks Against Georgia: Legal Lessons Identified, NATO Unclassified Report v1.0, Cooperative Cyber Defense Centre of Excellence, Tallin, Estonia (2008)"},{"key":"14_CR13","unstructured":"Krektel, B., Bakos, G., Barnett, C.: Capability of the People\u2019s Republic of China to Conduct Cyber Warfare and Computer Network Exploitation, Northrop Grumman Corporation, Report, United States of America (2009)"},{"key":"14_CR14","doi-asserted-by":"crossref","unstructured":"Alberts, D.S., Garstka, J.J., Stein, F.P.: Network Centric Warfare: Developing and Leveraging Information Superiorit, Washington, United States of America. CCRP Publication Series (1999)","DOI":"10.21236\/ADA406255"},{"key":"14_CR15","doi-asserted-by":"crossref","unstructured":"Alberts, D.S., et al.: Understanding Information Age Warfare, Washington, United States of America. CCRP Publication Series (2001)","DOI":"10.21236\/ADA386374"},{"key":"14_CR16","unstructured":"Hutchinson, W.: The Changing Nature of Information Security. In: 1st Information Security Management 2003, Australian (2003)"},{"issue":"6","key":"14_CR17","doi-asserted-by":"publisher","first-page":"24","DOI":"10.1201\/1086\/44022.12.6.20040101\/79783.5","volume":"12","author":"A. Chesla","year":"2004","unstructured":"Chesla, A.: Information Security: A Defensive Battle. Information Security Journal: A Global Perspective\u00a012(6), 24\u201332 (2004)","journal-title":"Information Security Journal: A Global Perspective"},{"key":"14_CR18","volume-title":"Management Information Systems","author":"K.C. Laudon","year":"2006","unstructured":"Laudon, K.C., Laudon, J.P.: Management Information Systems, 9th edn. Prentice Hall, United States of America (2006)","edition":"9"},{"key":"14_CR19","volume-title":"Securiy in Computing","author":"C.P. Pfleeger","year":"2007","unstructured":"Pfleeger, C.P., Pfleeger, S.L.: Securiy in Computing, 9th edn. Prentice Hall, United States of America (2007)","edition":"9"},{"key":"14_CR20","volume-title":"CISSP All-in-One Exam Guide","author":"S. Harris","year":"2008","unstructured":"Harris, S.: CISSP All-in-One Exam Guide, 4th edn. McGraw-Hill, New York (2008)","edition":"4"},{"key":"14_CR21","unstructured":"ISO\/IEC13335-1: Information technology- Security techniques-Management of information and communications technology security. Part 1: Concepts and models for information and communication technology security management (2004)"},{"key":"14_CR22","doi-asserted-by":"publisher","first-page":"243","DOI":"10.1108\/09685220310500153","volume":"11","author":"K. Hong","year":"2003","unstructured":"Hong, K., et al.: An integrated system theory of information security management. Information Management and Computer Security\u00a011, 243\u2013248 (2003)","journal-title":"Information Management and Computer Security"},{"key":"14_CR23","unstructured":"COBIT4.0: Control Objectives \u2013 Management Guidelines \u2013 Maturity Models, IT Governance Institute, United States of America (2005)"},{"issue":"2\/3","key":"14_CR24","doi-asserted-by":"crossref","first-page":"119","DOI":"10.1108\/09685220210431872","volume":"10","author":"C. Vermeulen","year":"2002","unstructured":"Vermeulen, C., Von Solms, R.: The information security management toolbox-taking the pain out of security management. Information Management and Computer Security\u00a010(2\/3), 119\u2013125 (2002)","journal-title":"Information Management and Computer Security"},{"issue":"4","key":"14_CR25","doi-asserted-by":"publisher","first-page":"303","DOI":"10.1016\/S0167-4048(98)80010-2","volume":"17","author":"T. Finne","year":"1998","unstructured":"Finne, T.: A conceptual framework for information security management. Computers & Security\u00a017(4), 303\u2013307 (1998)","journal-title":"Computers & Security"},{"key":"14_CR26","first-page":"31","volume":"6","author":"A. Nnolim","year":"2008","unstructured":"Nnolim, A., Steenkamp, A.: An Architectural and Process Model Approach to Information Security Management. Information Systems Education Journal\u00a06, 31 (2008)","journal-title":"Information Systems Education Journal"},{"issue":"6","key":"14_CR27","doi-asserted-by":"publisher","first-page":"504","DOI":"10.1016\/S0167-4048(01)00608-3","volume":"20","author":"B. Solms von","year":"2001","unstructured":"von Solms, B.: Information security\u2014a multidimensional discipline. Computers & Security\u00a020(6), 504\u2013508 (2001)","journal-title":"Computers & Security"},{"key":"14_CR28","doi-asserted-by":"crossref","unstructured":"Kajava, J., et al.: Information Security Standards and Global Business. Industrial Technology, 15\u201317 (2006)","DOI":"10.1109\/ICIT.2006.372505"},{"issue":"3","key":"14_CR29","doi-asserted-by":"publisher","first-page":"251","DOI":"10.1108\/09685220810893207","volume":"16","author":"Q. Ma","year":"2008","unstructured":"Ma, Q., Johnston, A., Pearson, J.: Information security management objectives and practices: a parsimonious framework. Information Management & Computer Security\u00a016(3), 251\u2013270 (2008)","journal-title":"Information Management & Computer Security"},{"issue":"4","key":"14_CR30","doi-asserted-by":"publisher","first-page":"375","DOI":"10.1145\/162124.162127","volume":"25","author":"R. Baskerville","year":"1993","unstructured":"Baskerville, R.: Information systems security design methods: implications for information systems development. ACM Computing Surveys (CSUR)\u00a025(4), 375\u2013414 (1993)","journal-title":"ACM Computing Surveys (CSUR)"},{"issue":"3","key":"14_CR31","doi-asserted-by":"publisher","first-page":"243","DOI":"10.1016\/S0167-4048(00)88613-7","volume":"19","author":"M. Eloff","year":"2000","unstructured":"Eloff, M., Von Solms, S.: Information security management: a hierarchical framework for various approaches. Computers & Security\u00a019(3), 243\u2013256 (2000)","journal-title":"Computers & Security"},{"issue":"5-6","key":"14_CR32","doi-asserted-by":"publisher","first-page":"224","DOI":"10.1016\/j.cose.2008.05.006","volume":"27","author":"E. Kritzinger","year":"2008","unstructured":"Kritzinger, E., Smith, E.: Information security management: An information security retrieval and awareness model for industry. Computers & Security\u00a027(5-6), 224\u2013231 (2008)","journal-title":"Computers & Security"},{"issue":"1","key":"14_CR33","doi-asserted-by":"publisher","first-page":"26","DOI":"10.1016\/j.istr.2005.12.001","volume":"11","author":"J. Broderick","year":"2006","unstructured":"Broderick, J.: ISMS, security standards and security regulations. Information Security Technical Report\u00a011(1), 26\u201331 (2006)","journal-title":"Information Security Technical Report"},{"issue":"4","key":"14_CR34","doi-asserted-by":"publisher","first-page":"247","DOI":"10.1016\/j.istr.2008.10.010","volume":"13","author":"E. Humphreys","year":"2008","unstructured":"Humphreys, E.: Information security management standards: Compliance, governance and risk management. Information Security Technical Report\u00a013(4), 247\u2013255 (2008)","journal-title":"Information Security Technical Report"},{"key":"14_CR35","unstructured":"ISO\/IEC27002: Information Technology-Security Techniques-Code of Practice for Information Security Management (2007)"},{"key":"14_CR36","unstructured":"ISO\/IEC13335-4: Information technology- Guidelines for the management of IT Security. Part 4: Selection of safeguards (2000)"},{"key":"14_CR37","unstructured":"ISO\/IEC13335-5: Information technology-Guidelines for the management of IT Security. Part 5: Management guidance on network (2001)"},{"key":"14_CR38","doi-asserted-by":"publisher","first-page":"50","DOI":"10.1108\/09685229910255223","volume":"7","author":"R. Solms Von","year":"1999","unstructured":"Von Solms, R.: Information security management: why standards are important. Information Management and Computer Security\u00a07, 50\u201357 (1999)","journal-title":"Information Management and Computer Security"},{"key":"14_CR39","unstructured":"NIST-SP800-53: Information Security (2007)"},{"key":"14_CR40","unstructured":"NIST-SP800-42: Computer Security \u2013 Guideline on Network Security Testing (2001)"},{"key":"14_CR41","unstructured":"Barafort, B., Humbert, J., Poggi, S.: Information Security Management and ISO\/IEC 15504: the link opportunity between Security and Quality (2006)"},{"key":"14_CR42","unstructured":"ISO\/IEC15408: Information Technology-Security Techniques-Evaluation Criteria for IT Security (2005)"},{"key":"14_CR43","doi-asserted-by":"crossref","unstructured":"Alberts, C., Dorofe, A.: OCTAVE \u2013 Method Implementation Guide Version 2.0, Carnegie Mellon, Software Engineering Institute, United States of America (2001)","DOI":"10.21236\/ADA634140"},{"issue":"2","key":"14_CR44","doi-asserted-by":"crossref","first-page":"242","DOI":"10.1108\/02635570610649880","volume":"106","author":"Shi\u2010Ming Huang","year":"2006","unstructured":"Huang, S., Lee, C., Kao, A.: Balancing performance measures for information security management. Industrial Management & Data Systems\u00a0106(2) (2006)","journal-title":"Industrial Management & Data Systems"},{"key":"14_CR45","unstructured":"Martins, J.C.L., Santos, H.M.D.d., Nunes, P.V.: Security Framework for Information Systems. In: 8th European Conference on Information Warfare and Security, Lisboa (2009)"},{"issue":"6","key":"14_CR46","doi-asserted-by":"publisher","first-page":"501","DOI":"10.1016\/j.csi.2004.03.012","volume":"26","author":"K.J. Farn","year":"2004","unstructured":"Farn, K.J., Lin, S.K., Fung, A.R.W.: A study on information security management system evaluation - assets, threat and vulnerability. Computer Standards & Interfaces\u00a026(6), 501\u2013513 (2004)","journal-title":"Computer Standards & Interfaces"}],"container-title":["Communications in Computer and Information Science","Global Security, Safety, and Sustainability"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-15717-2_14","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2020,1,9]],"date-time":"2020-01-09T02:39:53Z","timestamp":1578537593000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-642-15717-2_14"}},"subtitle":["(A Literature Review)"],"short-title":[],"issued":{"date-parts":[[2010]]},"ISBN":["9783642157165","9783642157172"],"references-count":46,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-15717-2_14","relation":{},"ISSN":["1865-0929","1865-0937"],"issn-type":[{"type":"print","value":"1865-0929"},{"type":"electronic","value":"1865-0937"}],"subject":[],"published":{"date-parts":[[2010]]}}}