{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,6]],"date-time":"2026-03-06T15:50:05Z","timestamp":1772812205999,"version":"3.50.1"},"reference-count":25,"publisher":"IEEE","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2013,8]]},"DOI":"10.1109\/issa.2013.6641062","type":"proceedings-article","created":{"date-parts":[[2013,10,29]],"date-time":"2013-10-29T19:20:04Z","timestamp":1383074404000},"page":"1-6","source":"Crossref","is-referenced-by-count":6,"title":["Information security risk management in small-scale organisations: A case study of secondary schools computerised information systems"],"prefix":"10.1109","author":[{"given":"Moses","family":"Moyo","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Hanifa.","family":"Abdullah","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Rita C.","family":"Nienaber","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"263","reference":[{"key":"19","author":"ding","year":"2002","journal-title":"Quantitative Risk Analysis Step-by-step GSEC Practical Version"},{"key":"17","doi-asserted-by":"publisher","DOI":"10.1016\/j.eswa.2011.07.015"},{"key":"18","first-page":"20","article-title":"The OCTAVE approach to information security risk assessment","volume":"4","author":"panda","year":"2009","journal-title":"Journal of Past Issues"},{"key":"15","article-title":"How much security is enough? A risk-Management approach to computer security","author":"soo hoo","year":"2000","journal-title":"Consortium for Research on Information Security and Policy"},{"key":"16","author":"mazareanu","year":"2007","journal-title":"Risk Management and Analysis Risk Assessment Qualitative and Quantitative"},{"key":"13","author":"renfroe","year":"2010","journal-title":"Threat\/Vulnerability Assessments and Risk Analysis"},{"key":"14","author":"shortreed","year":"2003","journal-title":"Basic Frameworks for Risk Management"},{"key":"11","doi-asserted-by":"crossref","first-page":"129","DOI":"10.1080\/07421222.1991.11517914","article-title":"HRisk analysis for information technology","volume":"8","author":"rainer","year":"1991","journal-title":"Journal of Management Information Systems"},{"key":"12","article-title":"Information security risk management: An overview risk management","author":"tiwari","year":"2010","journal-title":"An Essential Guide to Protecting Critical Assets"},{"key":"21","author":"alberts","year":"2002","journal-title":"Managing Information Security Risks The OCTAVE SM Approach"},{"key":"20","first-page":"22","article-title":"It risk assessment: Quantitative and qualitative approach","author":"rot","year":"2008","journal-title":"Proc WCECS World Congress on Engineering and Computer Science"},{"key":"22","article-title":"Using vulnerability assessment tools to develop an octave risk profile","author":"alberts","year":"2004","journal-title":"SAN InforSecurity"},{"key":"23","author":"alberts","year":"2001","journal-title":"An Introduction to OCTAVE SM Method"},{"key":"24","author":"sosonkin","year":"2005","journal-title":"OCTAVE Operationally Critical Threat Asset and Vulnerability Evaluation"},{"key":"25","author":"shortreed","year":"2008","journal-title":"ISO 31000-Risk Management Standards"},{"key":"3","author":"elky","year":"2007","journal-title":"An Introduction to Information System Risk Management"},{"key":"2","first-page":"73","article-title":"Improving information security risk analysis practices for small and medium sized enterprises. A research Agenda","volume":"5","author":"beachboard","year":"0","journal-title":"2008 Issues in Information Sciences and Technology"},{"key":"10","doi-asserted-by":"publisher","DOI":"10.3414\/ME0512"},{"key":"1","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2004.07.004"},{"key":"7","doi-asserted-by":"publisher","DOI":"10.1016\/S0167-4048(97)00004-7"},{"key":"6","doi-asserted-by":"publisher","DOI":"10.4018\/978-1-60566-014-1.ch090"},{"key":"5","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2005.05.002"},{"key":"4","author":"kite","year":"2009","journal-title":"Information Security Policy"},{"key":"9","author":"siu","year":"2007","journal-title":"Information Scecurity Risk Management"},{"key":"8","author":"dorian","year":"2012","journal-title":"Risk Management Understanding Industry Insights"}],"event":{"name":"2013 Information Security for South Africa","location":"Johannesburg, South Africa","start":{"date-parts":[[2013,8,14]]},"end":{"date-parts":[[2013,8,16]]}},"container-title":["2013 Information Security for South Africa"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/6621627\/6641027\/06641062.pdf?arnumber=6641062","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,7,31]],"date-time":"2019-07-31T09:10:51Z","timestamp":1564564251000},"score":1,"resource":{"primary":{"URL":"http:\/\/ieeexplore.ieee.org\/document\/6641062\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2013,8]]},"references-count":25,"URL":"https:\/\/doi.org\/10.1109\/issa.2013.6641062","relation":{},"subject":[],"published":{"date-parts":[[2013,8]]}}}