{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,8,2]],"date-time":"2025-08-02T18:01:32Z","timestamp":1754157692356,"version":"3.41.2"},"reference-count":2,"publisher":"Emerald","issue":"3","license":[{"start":{"date-parts":[[1993,3,1]],"date-time":"1993-03-01T00:00:00Z","timestamp":730944000000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.emerald.com\/insight\/site-policies"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[1993,3,1]]},"abstract":"<jats:p>Information Security Management consists of various facets, for\nexample Information Security Policy, Risk Analysis, Risk Management,\nContingency Planning and Disaster Recovery which are all interrelated in\nsome way. These interrelationships often cause uncertainty and confusion\namong top management. Proposes a model for Information Security\nManagement, called an Information Security Management Model (ISM\u22832)\nand puts all the various facts in context. The model consists of five\ndifferent levels defined on a security axis. ISM\u22832 introduces the\nidea of international security criteria or international security\nstandards (baselines). The rationale behind these baselines is to enable\ninformation security evaluation according to internationally\u2010accepted\ncriteria.<\/jats:p>","DOI":"10.1108\/09685229310041893","type":"journal-article","created":{"date-parts":[[2006,5,22]],"date-time":"2006-05-22T04:13:35Z","timestamp":1148271215000},"page":"12-17","source":"Crossref","is-referenced-by-count":6,"title":["A Model for Information Security Management"],"prefix":"10.1108","volume":"1","author":[{"given":"R.","family":"von Solms","sequence":"first","affiliation":[]},{"given":"S.H.","family":"von Solms","sequence":"additional","affiliation":[]},{"given":"W.J.","family":"Caelli","sequence":"additional","affiliation":[]}],"member":"140","reference":[{"volume-title":"Proceedings of the 14th Computer Security Conference, Washington DC","year":"1991","author":"Management Security","key":"p_2"},{"volume-title":"Internal Ministry","year":"1990","key":"p_6"}],"container-title":["Information Management &amp; Computer Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.emerald.com\/insight\/content\/doi\/10.1108\/09685229310041893\/full\/xml","content-type":"application\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/www.emerald.com\/insight\/content\/doi\/10.1108\/09685229310041893\/full\/html","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,7,25]],"date-time":"2025-07-25T00:09:28Z","timestamp":1753402168000},"score":1,"resource":{"primary":{"URL":"http:\/\/www.emerald.com\/ics\/article\/1\/3\/12-17\/173671"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[1993,3,1]]},"references-count":2,"journal-issue":{"issue":"3","published-print":{"date-parts":[[1993,3,1]]}},"alternative-id":["10.1108\/09685229310041893"],"URL":"https:\/\/doi.org\/10.1108\/09685229310041893","relation":{},"ISSN":["0968-5227"],"issn-type":[{"type":"print","value":"0968-5227"}],"subject":[],"published":{"date-parts":[[1993,3,1]]}}}