{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,8,29]],"date-time":"2025-08-29T16:40:02Z","timestamp":1756485602019,"version":"3.44.0"},"publisher-location":"New York, NY, USA","reference-count":21,"publisher":"ACM","license":[{"start":{"date-parts":[[2024,6,5]],"date-time":"2024-06-05T00:00:00Z","timestamp":1717545600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"name":"Bavarian Ministry of Economics"},{"DOI":"10.13039\/501100006374","name":"HORIZON EUROPE Marie Sklodowska-Curie Actions","doi-asserted-by":"publisher","award":["101086308"],"award-info":[{"award-number":["101086308"]}],"id":[{"id":"10.13039\/501100006374","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2024,6,5]]},"DOI":"10.1145\/3655693.3655708","type":"proceedings-article","created":{"date-parts":[[2024,6,4]],"date-time":"2024-06-04T18:22:10Z","timestamp":1717525330000},"page":"46-49","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":0,"title":["Emergent Needs in Assuring Security-Relevant Compliance of Information Systems"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0000-0003-4503-2244","authenticated-orcid":false,"given":"Tomas","family":"Bueno Momcilovic","sequence":"first","affiliation":[{"name":"Platform Engineering, fortiss, Germany"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-8311-3227","authenticated-orcid":false,"given":"Dian","family":"Balta","sequence":"additional","affiliation":[{"name":"Platform Engineering, fortiss, Germany"}]}],"member":"320","published-online":{"date-parts":[[2024,6,5]]},"reference":[{"key":"e_1_3_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1145\/291469.291479"},{"key":"e_1_3_2_1_2_1","first-page":"360","article-title":"Cyber security assurance process from the internal audit perspective","volume":"33","author":"Bozkus\u00a0Kahyaoglu S.","year":"2018","unstructured":"S. Bozkus\u00a0Kahyaoglu and K. Caliyurt. 2018. Cyber security assurance process from the internal audit perspective. Managerial Accounting Journal 33, 4 (2018), 360\u2013376.","journal-title":"Managerial Accounting Journal"},{"volume-title":"Software Quality as a Foundation for Security","author":"Bueno\u00a0Mom\u010dilovi\u0107 Tomas","key":"e_1_3_2_1_3_1","unstructured":"Tomas Bueno\u00a0Mom\u010dilovi\u0107 and Dian Balta. 2024. Challenges of\u00a0Assuring Compliance of\u00a0Information Systems in\u00a0Finance. In Software Quality as a Foundation for Security, Peter Bludau, Rudolf Ramler, Dietmar Winkler, and Johannes Bergsmann (Eds.). Springer Nature Switzerland, Cham, 135\u2013152."},{"key":"e_1_3_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1108\/01443570210417515"},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1145\/2659651.2659711"},{"key":"e_1_3_2_1_6_1","unstructured":"EU2022DORA 2022. EU Digital Operational Resilience Act (DORA) - Regulation (EU) 2022\/2554. Official Journal of the European Union. https:\/\/eur-lex.europa.eu\/legal-content\/EN\/TXT\/?uri=CELEX%3A32022R2554Regulation (EU) 2022\/2554."},{"key":"e_1_3_2_1_7_1","unstructured":"S. Hammond and M. Cowan. 2021. Cost of Compliance 2021: Shaping the Future. Thomson Reuters Regulatory Intelligence."},{"volume-title":"International Auditing and Assurance Standards Board (IAASB)","author":"Auditing International","key":"e_1_3_2_1_8_1","unstructured":"International Auditing and Assurance Standards Board (IAASB) 2009. International Standard on Assurance Engagements (ISAE) 3402: Assurance Reports on Controls at a Service Organization. International Auditing and Assurance Standards Board (IAASB), New York, NY."},{"volume-title":"The What and How of Modelling Information and Knowledge: From Mind Maps to Ontologies","author":"Keet C.M.","key":"e_1_3_2_1_9_1","unstructured":"C.M. Keet. 2023. The What and How of Modelling Information and Knowledge: From Mind Maps to Ontologies. Springer, Berlin."},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.is.2012.07.003"},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1109\/RE.2014.6912250"},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1145\/2757001.2757003"},{"key":"e_1_3_2_1_13_1","unstructured":"National Institute of Standards and Technology (NIST). 2022. Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations. NIST Special Publication."},{"key":"e_1_3_2_1_14_1","unstructured":"Ontotext2023A 2023. Ontotext Refine Overview and Features. Ontotext. https:\/\/platform.ontotext.com\/ontorefine\/Last accessed 2023\/10\/25."},{"key":"e_1_3_2_1_15_1","unstructured":"Ontotext2023B 2023. What is GraphDB?Ontotext. https:\/\/graphdb.ontotext.com\/documentation\/10.4\/Last accessed 2023\/10\/25."},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1049\/iet-sen.2018.5293"},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1007\/s10664-008-9102-8"},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1109\/ARES.2009.29"},{"volume-title":"OWL 2 Web Ontology Language. RDF-Based Semantics","year":"2023","key":"e_1_3_2_1_19_1","unstructured":"W3C2012 2012. OWL 2 Web Ontology Language. RDF-Based Semantics (Second Edition). World Wide Web Consortium (W3C). https:\/\/www.w3.org\/TR\/owl2-rdf-based-semantics\/Last accessed 2023\/10\/25."},{"key":"e_1_3_2_1_20_1","unstructured":"W3C2014 2014. RDF\/XML Syntax Specification (Revised). World Wide Web Consortium (W3C). https:\/\/www.w3.org\/TR\/REC-rdf-syntax\/Last accessed 2023\/10\/25."},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.procs.2020.09.061"}],"event":{"name":"EICC 2024: European Interdisciplinary Cybersecurity Conference","acronym":"EICC 2024","location":"Xanthi Greece"},"container-title":["European Interdisciplinary Cybersecurity Conference"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3655693.3655708","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3655693.3655708","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,8,29]],"date-time":"2025-08-29T16:19:22Z","timestamp":1756484362000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3655693.3655708"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,6,5]]},"references-count":21,"alternative-id":["10.1145\/3655693.3655708","10.1145\/3655693"],"URL":"https:\/\/doi.org\/10.1145\/3655693.3655708","relation":{},"subject":[],"published":{"date-parts":[[2024,6,5]]},"assertion":[{"value":"2024-06-05","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}