{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,10,3]],"date-time":"2025-10-03T22:32:47Z","timestamp":1759530767868},"reference-count":19,"publisher":"Elsevier BV","issue":"5","license":[{"start":{"date-parts":[[2003,9,1]],"date-time":"2003-09-01T00:00:00Z","timestamp":1062374400000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.elsevier.com\/tdm\/userlicense\/1.0\/"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Computer Standards & Interfaces"],"published-print":{"date-parts":[[2003,9]]},"DOI":"10.1016\/s0920-5489(03)00014-x","type":"journal-article","created":{"date-parts":[[2003,3,25]],"date-time":"2003-03-25T09:55:35Z","timestamp":1048586135000},"page":"447-461","source":"Crossref","is-referenced-by-count":13,"title":["Paper: a study on the certification of the information security management systems"],"prefix":"10.1016","volume":"25","author":[{"given":"Andrew","family":"Ren-Wei Fung","sequence":"first","affiliation":[]},{"given":"Kwo-Jean","family":"Farn","sequence":"additional","affiliation":[]},{"given":"Abe C.","family":"Lin","sequence":"additional","affiliation":[]}],"member":"78","reference":[{"key":"10.1016\/S0920-5489(03)00014-X_BIB1","unstructured":"The Executive Yuan of Republic of China (R.O.C.), February 5, 2001 (90) MOE document no. 007431 (2001)."},{"key":"10.1016\/S0920-5489(03)00014-X_BIB2","unstructured":"The White House, National Plan for Information Systems Protection Version 1.0 (2000) 101\u2013102."},{"key":"10.1016\/S0920-5489(03)00014-X_BIB3","series-title":"Trust in Cyberspace","author":"Schneider","year":"1999"},{"key":"10.1016\/S0920-5489(03)00014-X_BIB4","doi-asserted-by":"crossref","first-page":"43","DOI":"10.1016\/S0167-4048(01)01020-3","article-title":"Protecting critical information infrastructures","volume":"20","author":"Rathmell","year":"2001","journal-title":"Computers and Security"},{"key":"10.1016\/S0920-5489(03)00014-X_BIB5","unstructured":"National Information Infrastructure Group (NII), the Executive Yuan of R.O.C., The first meeting of the National information and communication security meeting (meeting data). National Information Infrastructure Group, Executive Yuan, (2001)."},{"key":"10.1016\/S0920-5489(03)00014-X_BIB6","unstructured":"ISO (International Organization for Standardization)\/IEC (International Electro-technical Commission), Information Technology\u2014Code of Practice for Information Security Management. ISO\/IEC 17799. 2000 (E), ISO, (2000)."},{"key":"10.1016\/S0920-5489(03)00014-X_BIB7","unstructured":"BSI (British Standards Institution), Information Security Management\u2014Part 2: Specification for Information Security Management Systems. BS7799-2: 1999; Information Security Management Systems - Specification with guidance for use. BS7799-2:2002, BSi (2002), September, London."},{"key":"10.1016\/S0920-5489(03)00014-X_BIB8","series-title":"The CISSP Prep Guide: Mastering the Ten Domains of Computer Security","author":"Krutz","year":"2001"},{"key":"10.1016\/S0920-5489(03)00014-X_BIB9","unstructured":"Bureau of Standards, Metrology and Inspection, MOE, collected papers from the APEC-SBS Seminar, September 22, 2001, Taipei City, Bureau of Standards, Metrology and Inspection, Ministry of Economic Affairs (2001)."},{"key":"10.1016\/S0920-5489(03)00014-X_BIB10","unstructured":"IEC, Dependability Management\u2014Part 3: Application Guide-Section 9: Risk Analysis of Technology Systems. IEC 300-3-9, 1995, IEC (1995)."},{"key":"10.1016\/S0920-5489(03)00014-X_BIB11","unstructured":"ISO, Banking, Securities and Other Financial Services\u2014Information Security Guidelines. ISO TR 13569: 1997(E), ISO (1997)."},{"key":"10.1016\/S0920-5489(03)00014-X_BIB12","unstructured":"ISO, Information Technology\u2014Guidelines for the Management of IT Security, Parts 1\u20135. ISO\/IEC TR 13335 (All Parts), ISO (2001)."},{"key":"10.1016\/S0920-5489(03)00014-X_BIB13","unstructured":"U.S. Federal Deposit Insurance Corporation, Division of Supervision. Electronic Banking: Safety and Soundness Examination Procedures (1998)."},{"issue":"3","key":"10.1016\/S0920-5489(03)00014-X_BIB14","doi-asserted-by":"crossref","first-page":"60","DOI":"10.1016\/S1363-4127(01)00309-0","article-title":"Information security governance","volume":"6","author":"Williams","year":"2001","journal-title":"Information Security Technical Report"},{"issue":"4","key":"10.1016\/S0920-5489(03)00014-X_BIB15","doi-asserted-by":"crossref","first-page":"308","DOI":"10.1016\/S0167-4048(01)00405-9","article-title":"Incremental information security certification","volume":"20","author":"Solms","year":"2001","journal-title":"Computers and Security"},{"issue":"4","key":"10.1016\/S0920-5489(03)00014-X_BIB16","doi-asserted-by":"crossref","first-page":"331","DOI":"10.1016\/S0167-4048(01)00411-4","article-title":"Extending the risk analysis model to include market-insurance","volume":"20","author":"Reid","year":"2001","journal-title":"Computers and Security"},{"key":"10.1016\/S0920-5489(03)00014-X_BIB17","author":"OECD Workshop","year":"2001"},{"key":"10.1016\/S0920-5489(03)00014-X_BIB18","unstructured":"C. Shu-The, A study into the internationalization of national standards. Bureau of Standards, Metrology and Inspection, Ministry of Economic Affairs, 1990."},{"key":"10.1016\/S0920-5489(03)00014-X_BIB19","unstructured":"ISO, Health informatics\ue5f8Public Key Infrastructure Part 1\u20133, ISO\/TS 17090 (All Parts), ISO, 2002."}],"container-title":["Computer Standards & Interfaces"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/api.elsevier.com\/content\/article\/PII:S092054890300014X?httpAccept=text\/xml","content-type":"text\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/api.elsevier.com\/content\/article\/PII:S092054890300014X?httpAccept=text\/plain","content-type":"text\/plain","content-version":"vor","intended-application":"text-mining"}],"deposited":{"date-parts":[[2019,3,27]],"date-time":"2019-03-27T07:52:29Z","timestamp":1553673149000},"score":1,"resource":{"primary":{"URL":"https:\/\/linkinghub.elsevier.com\/retrieve\/pii\/S092054890300014X"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2003,9]]},"references-count":19,"journal-issue":{"issue":"5","published-print":{"date-parts":[[2003,9]]}},"alternative-id":["S092054890300014X"],"URL":"https:\/\/doi.org\/10.1016\/s0920-5489(03)00014-x","relation":{},"ISSN":["0920-5489"],"issn-type":[{"value":"0920-5489","type":"print"}],"subject":[],"published":{"date-parts":[[2003,9]]}}}