{"id":"https://openalex.org/W4238372666","doi":"https://doi.org/10.1007/s00779-021-01549-w","title":"A framework and tool for the assessment of information security risk, the reduction of information security cost and the sustainability of information security culture","display_name":"A framework and tool for the assessment of information security risk, the reduction of information security cost and the sustainability of information security culture","publication_year":2021,"publication_date":"2021-03-18","ids":{"openalex":"https://openalex.org/W4238372666","doi":"https://doi.org/10.1007/s00779-021-01549-w"},"language":"en","primary_location":{"id":"doi:10.1007/s00779-021-01549-w","is_oa":false,"landing_page_url":"https://doi.org/10.1007/s00779-021-01549-w","pdf_url":null,"source":{"id":"https://openalex.org/S58126648","display_name":"Personal and Ubiquitous Computing","issn_l":"1617-4909","issn":["1617-4909","1617-4917"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319900","host_organization_name":"Springer Science+Business Media","host_organization_lineage":["https://openalex.org/P4310319900","https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Science+Business Media","Springer Nature"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Personal and Ubiquitous Computing","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5112782996","display_name":"S. G. Govender","orcid":null},"institutions":[{"id":"https://openalex.org/I165390105","display_name":"University of South Africa","ror":"https://ror.org/048cwvf49","country_code":"ZA","type":"education","lineage":["https://openalex.org/I165390105"]}],"countries":["ZA"],"is_corresponding":true,"raw_author_name":"S.G. Govender","raw_affiliation_strings":["University of South Africa (UNISA), Pretoria, Gauteng, 0001, South Africa"],"affiliations":[{"raw_affiliation_string":"University of South Africa (UNISA), Pretoria, Gauteng, 0001, South Africa","institution_ids":["https://openalex.org/I165390105"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5039171336","display_name":"Elmarie Kritzinger","orcid":"https://orcid.org/0000-0002-5141-4348"},"institutions":[{"id":"https://openalex.org/I165390105","display_name":"University of South Africa","ror":"https://ror.org/048cwvf49","country_code":"ZA","type":"education","lineage":["https://openalex.org/I165390105"]}],"countries":["ZA"],"is_corresponding":false,"raw_author_name":"E. Kritzinger","raw_affiliation_strings":["University of South Africa (UNISA), Pretoria, Gauteng, 0001, South Africa"],"affiliations":[{"raw_affiliation_string":"University of South Africa (UNISA), Pretoria, Gauteng, 0001, South Africa","institution_ids":["https://openalex.org/I165390105"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5084693925","display_name":"Marianne Loock","orcid":"https://orcid.org/0000-0001-8005-716X"},"institutions":[{"id":"https://openalex.org/I165390105","display_name":"University of South Africa","ror":"https://ror.org/048cwvf49","country_code":"ZA","type":"education","lineage":["https://openalex.org/I165390105"]}],"countries":["ZA"],"is_corresponding":false,"raw_author_name":"M. Loock","raw_affiliation_strings":["University of South Africa (UNISA), Pretoria, Gauteng, 0001, South Africa"],"affiliations":[{"raw_affiliation_string":"University of South Africa (UNISA), Pretoria, Gauteng, 0001, South Africa","institution_ids":["https://openalex.org/I165390105"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5112782996"],"corresponding_institution_ids":["https://openalex.org/I165390105"],"apc_list":{"value":2490,"currency":"EUR","value_usd":3090},"apc_paid":null,"fwci":2.8363,"has_fulltext":false,"cited_by_count":13,"citation_normalized_percentile":{"value":0.92281287,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":89,"max":98},"biblio":{"volume":"25","issue":"5","first_page":"927","last_page":"940"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9970999956130981,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12519","display_name":"Cybercrime and Law Enforcement Studies","score":0.9927999973297119,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/information-security-management","display_name":"Information security management","score":0.8020233511924744},{"id":"https://openalex.org/keywords/security-information-and-event-management","display_name":"Security information and event management","score":0.7269423007965088},{"id":"https://openalex.org/keywords/information-security","display_name":"Information security","score":0.6900595426559448},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6593396067619324},{"id":"https://openalex.org/keywords/security-service","display_name":"Security service","score":0.5187549591064453},{"id":"https://openalex.org/keywords/certified-information-security-manager","display_name":"Certified Information Security Manager","score":0.5158754587173462},{"id":"https://openalex.org/keywords/asset","display_name":"Asset (computer security)","score":0.5080201625823975},{"id":"https://openalex.org/keywords/security-management","display_name":"Security management","score":0.503886878490448},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.49886345863342285},{"id":"https://openalex.org/keywords/cloud-computing-security","display_name":"Cloud computing security","score":0.4730222225189209},{"id":"https://openalex.org/keywords/key","display_name":"Key (lock)","score":0.4508705139160156},{"id":"https://openalex.org/keywords/risk-analysis","display_name":"Risk analysis (engineering)","score":0.44779300689697266},{"id":"https://openalex.org/keywords/information-security-audit","display_name":"Information security audit","score":0.4379566013813019},{"id":"https://openalex.org/keywords/security-testing","display_name":"Security testing","score":0.4367865025997162},{"id":"https://openalex.org/keywords/computer-security-model","display_name":"Computer security model","score":0.4177144765853882},{"id":"https://openalex.org/keywords/information-security-standards","display_name":"Information security standards","score":0.411476194858551},{"id":"https://openalex.org/keywords/business","display_name":"Business","score":0.2501159608364105},{"id":"https://openalex.org/keywords/cloud-computing","display_name":"Cloud computing","score":0.2344052791595459},{"id":"https://openalex.org/keywords/network-security-policy","display_name":"Network security policy","score":0.15601518750190735}],"concepts":[{"id":"https://openalex.org/C148976360","wikidata":"https://www.wikidata.org/wiki/Q1662500","display_name":"Information security management","level":5,"score":0.8020233511924744},{"id":"https://openalex.org/C103377522","wikidata":"https://www.wikidata.org/wiki/Q3493999","display_name":"Security information and event management","level":4,"score":0.7269423007965088},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.6900595426559448},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6593396067619324},{"id":"https://openalex.org/C29983905","wikidata":"https://www.wikidata.org/wiki/Q7445066","display_name":"Security service","level":3,"score":0.5187549591064453},{"id":"https://openalex.org/C180823521","wikidata":"https://www.wikidata.org/wiki/Q1662502","display_name":"Certified Information Security Manager","level":5,"score":0.5158754587173462},{"id":"https://openalex.org/C76178495","wikidata":"https://www.wikidata.org/wiki/Q4808784","display_name":"Asset (computer security)","level":2,"score":0.5080201625823975},{"id":"https://openalex.org/C83163435","wikidata":"https://www.wikidata.org/wiki/Q3954104","display_name":"Security management","level":2,"score":0.503886878490448},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.49886345863342285},{"id":"https://openalex.org/C184842701","wikidata":"https://www.wikidata.org/wiki/Q370563","display_name":"Cloud computing security","level":3,"score":0.4730222225189209},{"id":"https://openalex.org/C26517878","wikidata":"https://www.wikidata.org/wiki/Q228039","display_name":"Key (lock)","level":2,"score":0.4508705139160156},{"id":"https://openalex.org/C112930515","wikidata":"https://www.wikidata.org/wiki/Q4389547","display_name":"Risk analysis (engineering)","level":1,"score":0.44779300689697266},{"id":"https://openalex.org/C39358052","wikidata":"https://www.wikidata.org/wiki/Q2578632","display_name":"Information security audit","level":5,"score":0.4379566013813019},{"id":"https://openalex.org/C195518309","wikidata":"https://www.wikidata.org/wiki/Q13424265","display_name":"Security testing","level":5,"score":0.4367865025997162},{"id":"https://openalex.org/C121822524","wikidata":"https://www.wikidata.org/wiki/Q5157582","display_name":"Computer security model","level":2,"score":0.4177144765853882},{"id":"https://openalex.org/C139547956","wikidata":"https://www.wikidata.org/wiki/Q6031202","display_name":"Information security standards","level":5,"score":0.411476194858551},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.2501159608364105},{"id":"https://openalex.org/C79974875","wikidata":"https://www.wikidata.org/wiki/Q483639","display_name":"Cloud computing","level":2,"score":0.2344052791595459},{"id":"https://openalex.org/C117110713","wikidata":"https://www.wikidata.org/wiki/Q3394676","display_name":"Network security policy","level":4,"score":0.15601518750190735},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1007/s00779-021-01549-w","is_oa":false,"landing_page_url":"https://doi.org/10.1007/s00779-021-01549-w","pdf_url":null,"source":{"id":"https://openalex.org/S58126648","display_name":"Personal and Ubiquitous Computing","issn_l":"1617-4909","issn":["1617-4909","1617-4917"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319900","host_organization_name":"Springer Science+Business Media","host_organization_lineage":["https://openalex.org/P4310319900","https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Science+Business Media","Springer Nature"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Personal and Ubiquitous Computing","raw_type":"journal-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":16,"referenced_works":["https://openalex.org/W82733688","https://openalex.org/W315231380","https://openalex.org/W1964009157","https://openalex.org/W1968584218","https://openalex.org/W1989772518","https://openalex.org/W2027548841","https://openalex.org/W2081526168","https://openalex.org/W2094130901","https://openalex.org/W2102144719","https://openalex.org/W2336964007","https://openalex.org/W2778865020","https://openalex.org/W2790637580","https://openalex.org/W2803410559","https://openalex.org/W2892678578","https://openalex.org/W3112040056","https://openalex.org/W6605105704"],"related_works":["https://openalex.org/W2584162156","https://openalex.org/W2741061559","https://openalex.org/W4386208045","https://openalex.org/W2185133343","https://openalex.org/W1585855485","https://openalex.org/W4244250244","https://openalex.org/W4230628385","https://openalex.org/W2049188895","https://openalex.org/W1919881717","https://openalex.org/W19906931"],"abstract_inverted_index":null,"counts_by_year":[{"year":2025,"cited_by_count":3},{"year":2024,"cited_by_count":4},{"year":2023,"cited_by_count":4},{"year":2022,"cited_by_count":1},{"year":2021,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}
