{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,14]],"date-time":"2026-04-14T22:53:16Z","timestamp":1776207196826,"version":"3.50.1"},"reference-count":24,"publisher":"Institute of Electrical and Electronics Engineers (IEEE)","issue":"1","license":[{"start":{"date-parts":[[2018,1,1]],"date-time":"2018-01-01T00:00:00Z","timestamp":1514764800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/ieeexplore.ieee.org\/Xplorehelp\/downloads\/license-information\/IEEE.html"},{"start":{"date-parts":[[2018,1,1]],"date-time":"2018-01-01T00:00:00Z","timestamp":1514764800000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-029"},{"start":{"date-parts":[[2018,1,1]],"date-time":"2018-01-01T00:00:00Z","timestamp":1514764800000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-037"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["IT Prof."],"published-print":{"date-parts":[[2018,1]]},"DOI":"10.1109\/mitp.2018.011291353","type":"journal-article","created":{"date-parts":[[2018,2,14]],"date-time":"2018-02-14T19:15:30Z","timestamp":1518635730000},"page":"53-62","source":"Crossref","is-referenced-by-count":3,"title":["Improving Transparency and Efficiency in IT Security Management Resourcing"],"prefix":"10.1109","volume":"20","author":[{"given":"Knut","family":"Haufe","sequence":"first","affiliation":[{"name":"PwC Cybersecurity Services"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Srdan","family":"Dzombeta","sequence":"additional","affiliation":[{"name":"PwC Cybersecurity Services"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Knud","family":"Brandis","sequence":"additional","affiliation":[{"name":"PwC Cybersecurity Services"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Vladimir","family":"Stantchev","sequence":"additional","affiliation":[{"name":"SRH University Berlin"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Ricardo","family":"Colomo-Palacios","sequence":"additional","affiliation":[{"name":"&#xD8;stfold University College"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"263","reference":[{"key":"ref10","article-title":"Information Security: Principles and Practices","author":"merkow","year":"2014","journal-title":"Pearson IT Certification"},{"key":"ref11","article-title":"Critical Success Factors Analysis on Effective Information Security Management: A Literature Review","author":"tu","year":"0","journal-title":"Proc Americas' Conf Information Systems (AMCIS)"},{"key":"ref12","article-title":"The Price of Security: The Challenge of Measuring Business Value Investments in Securing Information Systems","volume":"5","author":"coulson","year":"2005","journal-title":"Communications of the IIMA"},{"key":"ref13","first-page":"73","article-title":"The Missing Circle of ISMS (LL-ISMS)","author":"khyavi","year":"0","journal-title":"Proc 2015 ACM SIGMIS Conf Computers and People Research (SIGMIS-CPR)"},{"key":"ref14","first-page":"22","article-title":"Evaluation and Comparison of COBIT, ITIL, and IS027Kl\/2 Standards within the Framework of Information Security","author":"ozdemir","year":"2014","journal-title":"International Journal of Technical Research and Applications"},{"key":"ref15","author":"tu","year":"2015","journal-title":"Effective Information Security Management A Critical Success Factors Analysis"},{"key":"ref16","article-title":"QUANTSEC&#x2014;Ein Modell zur Nutzenquantifizierung von IT-SicherheitsmaBnahmen","author":"chehrazi","year":"0","journal-title":"Wirtschaftsinformatik 2015 Osnabriick"},{"key":"ref17","doi-asserted-by":"publisher","DOI":"10.1109\/SECURWARE.2008.7"},{"key":"ref18","first-page":"24","article-title":"ISO 27001: Risk Management and Compliance","volume":"54","author":"brenner","year":"2007","journal-title":"Risk Management"},{"key":"ref19","year":"2014","journal-title":"ISO\/IEC 27000 2014 Information Technology&#x2014;Security Techniques&#x2014;Information Security Management Systems&#x2014;Overview and Vocabulary"},{"key":"ref4","year":"2013","journal-title":"ISO\/IEC 27001 2013 Information Technology&#x2014;Security Techniques&#x2014;Information Security Management Systems&#x2014;Requirements"},{"key":"ref3","doi-asserted-by":"publisher","DOI":"10.1109\/ITPRO.2014.7029281"},{"key":"ref6","first-page":"373","article-title":"Boards of Directors and Technology Governance: The Surprising State of the Practice","volume":"24","author":"andriole","year":"2009","journal-title":"Comm Assoc for Information Systems"},{"key":"ref5","year":"2013","journal-title":"ISO\/IEC 27002 2013 Information Technology&#x2014;Security Techniques&#x2014;Code of Practice for Information Security Controls"},{"key":"ref8","doi-asserted-by":"publisher","DOI":"10.1109\/MITP.2014.52"},{"key":"ref7","doi-asserted-by":"publisher","DOI":"10.1016\/j.ijinfomgt.2012.08.004"},{"key":"ref2","author":"ndungu","year":"2015","journal-title":"Information Security Management in Organizations"},{"key":"ref1","doi-asserted-by":"publisher","DOI":"10.1109\/RADIOELEK.2015.7128984"},{"key":"ref9","doi-asserted-by":"publisher","DOI":"10.1145\/2660765"},{"key":"ref20","author":"brewer","year":"2013","journal-title":"Moving from ISO\/IEC 27001 2005 to ISO\/IEC 27001 2013"},{"key":"ref22","author":"slack","year":"2009","journal-title":"Operations Management"},{"key":"ref21","author":"taylor","year":"2007","journal-title":"ITIL Version 3 Service Design"},{"key":"ref24","doi-asserted-by":"publisher","DOI":"10.4018\/jhcitp.2012100101"},{"key":"ref23","doi-asserted-by":"publisher","DOI":"10.1007\/978-1-4020-8889-6_14"}],"container-title":["IT Professional"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/6294\/8291771\/08291779.pdf?arnumber=8291779","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,5,3]],"date-time":"2022-05-03T19:57:44Z","timestamp":1651607864000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/8291779\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018,1]]},"references-count":24,"aliases":["10.1109\/mitp.2017.265104358"],"journal-issue":{"issue":"1"},"URL":"https:\/\/doi.org\/10.1109\/mitp.2018.011291353","relation":{},"ISSN":["1520-9202","1941-045X"],"issn-type":[{"value":"1520-9202","type":"print"},{"value":"1941-045X","type":"electronic"}],"subject":[],"published":{"date-parts":[[2018,1]]}}}