{"id":"https://openalex.org/W4386030386","doi":"https://doi.org/10.1007/s10257-023-00646-y","title":"Information security objectives and the output legitimacy of ISO/IEC 27001: stakeholders\u2019 perspective on expectations in private organizations in Sweden","display_name":"Information security objectives and the output legitimacy of ISO/IEC 27001: stakeholders\u2019 perspective on expectations in private organizations in Sweden","publication_year":2023,"publication_date":"2023-08-21","ids":{"openalex":"https://openalex.org/W4386030386","doi":"https://doi.org/10.1007/s10257-023-00646-y"},"language":"en","primary_location":{"id":"doi:10.1007/s10257-023-00646-y","is_oa":true,"landing_page_url":"https://doi.org/10.1007/s10257-023-00646-y","pdf_url":"https://link.springer.com/content/pdf/10.1007/s10257-023-00646-y.pdf","source":{"id":"https://openalex.org/S56271844","display_name":"Information Systems and e-Business Management","issn_l":"1617-9846","issn":["1617-9846","1617-9854"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319900","host_organization_name":"Springer Science+Business Media","host_organization_lineage":["https://openalex.org/P4310319900","https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Science+Business Media","Springer Nature"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Information Systems and e-Business Management","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"hybrid","oa_url":"https://link.springer.com/content/pdf/10.1007/s10257-023-00646-y.pdf","any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5092668658","display_name":"Yasmin Kamil","orcid":null},"institutions":[{"id":"https://openalex.org/I26437253","display_name":"\u00d6rebro University","ror":"https://ror.org/05kytsw45","country_code":"SE","type":"education","lineage":["https://openalex.org/I26437253"]}],"countries":["SE"],"is_corresponding":true,"raw_author_name":"Yasmin Kamil","raw_affiliation_strings":["\u00d6rebro University School of Business, \u00d6rebro, Sweden"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"\u00d6rebro University School of Business, \u00d6rebro, Sweden","institution_ids":["https://openalex.org/I26437253"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5108304160","display_name":"Sofia Lund","orcid":null},"institutions":[{"id":"https://openalex.org/I26437253","display_name":"\u00d6rebro University","ror":"https://ror.org/05kytsw45","country_code":"SE","type":"education","lineage":["https://openalex.org/I26437253"]}],"countries":["SE"],"is_corresponding":false,"raw_author_name":"Sofia Lund","raw_affiliation_strings":["\u00d6rebro University School of Business, \u00d6rebro, Sweden"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"\u00d6rebro University School of Business, \u00d6rebro, Sweden","institution_ids":["https://openalex.org/I26437253"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5050054304","display_name":"M. Sirajul Islam","orcid":"https://orcid.org/0000-0002-7907-6037"},"institutions":[{"id":"https://openalex.org/I134359838","display_name":"Alfaisal University","ror":"https://ror.org/00cdrtq48","country_code":"SA","type":"education","lineage":["https://openalex.org/I134359838"]},{"id":"https://openalex.org/I26437253","display_name":"\u00d6rebro University","ror":"https://ror.org/05kytsw45","country_code":"SE","type":"education","lineage":["https://openalex.org/I26437253"]}],"countries":["SA","SE"],"is_corresponding":false,"raw_author_name":"M Sirajul Islam","raw_affiliation_strings":["Alfaisal University, Riyadh, Saudi Arabia","\u00d6rebro University School of Business, \u00d6rebro, Sweden"],"raw_orcid":"https://orcid.org/0000-0002-7907-6037","affiliations":[{"raw_affiliation_string":"Alfaisal University, Riyadh, Saudi Arabia","institution_ids":["https://openalex.org/I134359838"]},{"raw_affiliation_string":"\u00d6rebro University School of Business, \u00d6rebro, Sweden","institution_ids":["https://openalex.org/I26437253"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5092668658"],"corresponding_institution_ids":["https://openalex.org/I26437253"],"apc_list":{"value":2190,"currency":"EUR","value_usd":2790},"apc_paid":{"value":2190,"currency":"EUR","value_usd":2790},"fwci":8.9684,"has_fulltext":true,"cited_by_count":20,"citation_normalized_percentile":{"value":0.97826704,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":90,"max":100},"biblio":{"volume":"21","issue":"3","first_page":"699","last_page":"722"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12519","display_name":"Cybercrime and Law Enforcement Studies","score":0.9865999817848206,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11572","display_name":"Information Technology Governance and Strategy","score":0.9848999977111816,"subfield":{"id":"https://openalex.org/subfields/1404","display_name":"Management Information Systems"},"field":{"id":"https://openalex.org/fields/14","display_name":"Business, Management and Accounting"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/information-security-management-system","display_name":"Information security management system","score":0.6265745759010315},{"id":"https://openalex.org/keywords/stakeholder","display_name":"Stakeholder","score":0.6045110821723938},{"id":"https://openalex.org/keywords/information-security","display_name":"Information security","score":0.5902312994003296},{"id":"https://openalex.org/keywords/itil-security-management","display_name":"ITIL security management","score":0.5794833898544312},{"id":"https://openalex.org/keywords/information-security-management","display_name":"Information security management","score":0.5589611530303955},{"id":"https://openalex.org/keywords/business","display_name":"Business","score":0.5154377222061157},{"id":"https://openalex.org/keywords/information-security-standards","display_name":"Information security standards","score":0.4657388925552368},{"id":"https://openalex.org/keywords/legitimacy","display_name":"Legitimacy","score":0.4603216052055359},{"id":"https://openalex.org/keywords/standard-of-good-practice","display_name":"Standard of Good Practice","score":0.43245798349380493},{"id":"https://openalex.org/keywords/knowledge-management","display_name":"Knowledge management","score":0.43085581064224243},{"id":"https://openalex.org/keywords/stakeholder-theory","display_name":"Stakeholder theory","score":0.4265984892845154},{"id":"https://openalex.org/keywords/process-management","display_name":"Process management","score":0.3829251527786255},{"id":"https://openalex.org/keywords/accounting","display_name":"Accounting","score":0.3206310272216797},{"id":"https://openalex.org/keywords/public-relations","display_name":"Public relations","score":0.24528691172599792},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.21598410606384277},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.14475402235984802},{"id":"https://openalex.org/keywords/cloud-computing-security","display_name":"Cloud computing security","score":0.1382981538772583},{"id":"https://openalex.org/keywords/political-science","display_name":"Political science","score":0.11045464873313904},{"id":"https://openalex.org/keywords/security-information-and-event-management","display_name":"Security information and event management","score":0.10864913463592529},{"id":"https://openalex.org/keywords/security-service","display_name":"Security service","score":0.0971464216709137}],"concepts":[{"id":"https://openalex.org/C111153917","wikidata":"https://www.wikidata.org/wiki/Q1662500","display_name":"Information security management system","level":5,"score":0.6265745759010315},{"id":"https://openalex.org/C201305675","wikidata":"https://www.wikidata.org/wiki/Q852998","display_name":"Stakeholder","level":2,"score":0.6045110821723938},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.5902312994003296},{"id":"https://openalex.org/C114351632","wikidata":"https://www.wikidata.org/wiki/Q5974820","display_name":"ITIL security management","level":5,"score":0.5794833898544312},{"id":"https://openalex.org/C148976360","wikidata":"https://www.wikidata.org/wiki/Q1662500","display_name":"Information security management","level":5,"score":0.5589611530303955},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.5154377222061157},{"id":"https://openalex.org/C139547956","wikidata":"https://www.wikidata.org/wiki/Q6031202","display_name":"Information security standards","level":5,"score":0.4657388925552368},{"id":"https://openalex.org/C46295352","wikidata":"https://www.wikidata.org/wiki/Q207982","display_name":"Legitimacy","level":3,"score":0.4603216052055359},{"id":"https://openalex.org/C47309137","wikidata":"https://www.wikidata.org/wiki/Q7598357","display_name":"Standard of Good Practice","level":5,"score":0.43245798349380493},{"id":"https://openalex.org/C56739046","wikidata":"https://www.wikidata.org/wiki/Q192060","display_name":"Knowledge management","level":1,"score":0.43085581064224243},{"id":"https://openalex.org/C176239081","wikidata":"https://www.wikidata.org/wiki/Q2979849","display_name":"Stakeholder theory","level":3,"score":0.4265984892845154},{"id":"https://openalex.org/C195094911","wikidata":"https://www.wikidata.org/wiki/Q14167904","display_name":"Process management","level":1,"score":0.3829251527786255},{"id":"https://openalex.org/C121955636","wikidata":"https://www.wikidata.org/wiki/Q4116214","display_name":"Accounting","level":1,"score":0.3206310272216797},{"id":"https://openalex.org/C39549134","wikidata":"https://www.wikidata.org/wiki/Q133080","display_name":"Public relations","level":1,"score":0.24528691172599792},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.21598410606384277},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.14475402235984802},{"id":"https://openalex.org/C184842701","wikidata":"https://www.wikidata.org/wiki/Q370563","display_name":"Cloud computing security","level":3,"score":0.1382981538772583},{"id":"https://openalex.org/C17744445","wikidata":"https://www.wikidata.org/wiki/Q36442","display_name":"Political science","level":0,"score":0.11045464873313904},{"id":"https://openalex.org/C103377522","wikidata":"https://www.wikidata.org/wiki/Q3493999","display_name":"Security information and event management","level":4,"score":0.10864913463592529},{"id":"https://openalex.org/C29983905","wikidata":"https://www.wikidata.org/wiki/Q7445066","display_name":"Security service","level":3,"score":0.0971464216709137},{"id":"https://openalex.org/C199539241","wikidata":"https://www.wikidata.org/wiki/Q7748","display_name":"Law","level":1,"score":0.0},{"id":"https://openalex.org/C79974875","wikidata":"https://www.wikidata.org/wiki/Q483639","display_name":"Cloud computing","level":2,"score":0.0},{"id":"https://openalex.org/C117110713","wikidata":"https://www.wikidata.org/wiki/Q3394676","display_name":"Network security policy","level":4,"score":0.0},{"id":"https://openalex.org/C94625758","wikidata":"https://www.wikidata.org/wiki/Q7163","display_name":"Politics","level":2,"score":0.0},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1007/s10257-023-00646-y","is_oa":true,"landing_page_url":"https://doi.org/10.1007/s10257-023-00646-y","pdf_url":"https://link.springer.com/content/pdf/10.1007/s10257-023-00646-y.pdf","source":{"id":"https://openalex.org/S56271844","display_name":"Information Systems and e-Business Management","issn_l":"1617-9846","issn":["1617-9846","1617-9854"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319900","host_organization_name":"Springer Science+Business Media","host_organization_lineage":["https://openalex.org/P4310319900","https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Science+Business Media","Springer Nature"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Information Systems and e-Business Management","raw_type":"journal-article"},{"id":"pmh:oai:RePEc:spr:infsem:v:21:y:2023:i:3:d:10.1007_s10257-023-00646-y","is_oa":false,"landing_page_url":"http://link.springer.com/10.1007/s10257-023-00646-y","pdf_url":null,"source":{"id":"https://openalex.org/S4306401271","display_name":"RePEc: Research Papers in Economics","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I77793887","host_organization_name":"Federal Reserve Bank of St. Louis","host_organization_lineage":["https://openalex.org/I77793887"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"article"}],"best_oa_location":{"id":"doi:10.1007/s10257-023-00646-y","is_oa":true,"landing_page_url":"https://doi.org/10.1007/s10257-023-00646-y","pdf_url":"https://link.springer.com/content/pdf/10.1007/s10257-023-00646-y.pdf","source":{"id":"https://openalex.org/S56271844","display_name":"Information Systems and e-Business Management","issn_l":"1617-9846","issn":["1617-9846","1617-9854"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319900","host_organization_name":"Springer Science+Business Media","host_organization_lineage":["https://openalex.org/P4310319900","https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Science+Business Media","Springer Nature"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Information Systems and e-Business Management","raw_type":"journal-article"},"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/17","display_name":"Partnerships for the goals","score":0.4699999988079071}],"awards":[],"funders":[{"id":"https://openalex.org/F4320321975","display_name":"\u00d6rebro Universitet","ror":"https://ror.org/05kytsw45"}],"has_content":{"grobid_xml":false,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4386030386.pdf"},"referenced_works_count":48,"referenced_works":["https://openalex.org/W1511284091","https://openalex.org/W1897261239","https://openalex.org/W1965868687","https://openalex.org/W1982946593","https://openalex.org/W1988849725","https://openalex.org/W2000891179","https://openalex.org/W2003676537","https://openalex.org/W2006335128","https://openalex.org/W2015839409","https://openalex.org/W2016638504","https://openalex.org/W2024643361","https://openalex.org/W2047735993","https://openalex.org/W2059336106","https://openalex.org/W2059573187","https://openalex.org/W2065969726","https://openalex.org/W2077401742","https://openalex.org/W2078658822","https://openalex.org/W2079537421","https://openalex.org/W2097381264","https://openalex.org/W2111866110","https://openalex.org/W2130032116","https://openalex.org/W2167928095","https://openalex.org/W2254745603","https://openalex.org/W2460679848","https://openalex.org/W2514035931","https://openalex.org/W2521639305","https://openalex.org/W2525999941","https://openalex.org/W2560397594","https://openalex.org/W2594882763","https://openalex.org/W2728728969","https://openalex.org/W2768082661","https://openalex.org/W2783394300","https://openalex.org/W2791640790","https://openalex.org/W2808102949","https://openalex.org/W2948947981","https://openalex.org/W2969394464","https://openalex.org/W2995562481","https://openalex.org/W3084505573","https://openalex.org/W3112069650","https://openalex.org/W3143257057","https://openalex.org/W3159815513","https://openalex.org/W3196189929","https://openalex.org/W4212873119","https://openalex.org/W4231870911","https://openalex.org/W4236419616","https://openalex.org/W4249515982","https://openalex.org/W4298547684","https://openalex.org/W4402798412"],"related_works":["https://openalex.org/W578019356","https://openalex.org/W2003676537","https://openalex.org/W2948947981","https://openalex.org/W2483557577","https://openalex.org/W1982946593","https://openalex.org/W40842196","https://openalex.org/W203815982","https://openalex.org/W2000891179","https://openalex.org/W2609802486","https://openalex.org/W1573253764"],"abstract_inverted_index":{"Abstract":[0],"Organizations":[1],"use":[2],"the":[3,34,37,75,87,99,123,136,144,151,189,195,223,236,251,255],"ISO/IEC":[4,80,148,217],"27001":[5,149],"standard":[6,16,196,224],"to":[7,27,59,73,85,142,204,206,234,244],"establish":[8],"an":[9,129,159],"information":[10,31,169,182,242],"security":[11,19,61,170,183,243],"management":[12,171],"system":[13],"(ISMS).":[14],"This":[15],"outlines":[17],"specific":[18],"measures":[20],"and":[21,63,77,89,105,108,133,239],"requirements":[22],"that":[23,55,188,222],"organizations":[24,174],"can":[25,113],"implement":[26],"effectively":[28,245],"manage":[29],"their":[30,247],"assets.":[32],"However,":[33],"effectiveness":[35],"of":[36,51,67,79,125,138,147,153,191,194,213],"standard\u2019s":[38],"problem-solving":[39],"capabilities":[40],"has":[41],"raised":[42],"some":[43],"questions.":[44],"Consequently,":[45],"there":[46],"is":[47,70,141,225],"a":[48,210,228],"continuous":[49],"development":[50],"new":[52],"governance":[53],"methods":[54],"demand":[56],"fresh":[57],"approaches":[58],"validate":[60],"operations":[62],"measures.":[64],"In":[65],"light":[66],"this,":[68,158],"research":[69],"being":[71],"conducted":[72],"examine":[74],"application":[76],"impact":[78,124],"27001,":[81,218],"as":[82,84],"well":[83],"analyze":[86],"challenges":[88],"knowledge":[90,238],"gaps":[91],"through":[92],"theoretical":[93],"perspectives.":[94],"By":[95],"employing":[96],"stakeholder":[97,115,154],"theory,":[98],"focus":[100],"shifts":[101],"towards":[102],"integrating":[103],"business":[104],"social":[106],"issues":[107],"exploring":[109],"how":[110],"non-business":[111],"pressures":[112],"influence":[114],"motivations":[116],"in":[117,168,175,241],"implementing":[118],"standards.":[119],"Additionally,":[120],"it":[121],"investigates":[122],"these":[126,199],"standards":[127],"on":[128],"organization\u2019s":[130],"reputation,":[131],"performance,":[132],"operations.":[134],"Therefore,":[135],"objective":[137],"this":[139],"study":[140,161],"investigate":[143],"output":[145,192,214],"legitimacy":[146,193,215],"from":[150,202],"perspective":[152],"expectations.":[155],"To":[156,208],"accomplish":[157],"interview-based":[160],"was":[162],"conducted,":[163],"involving":[164],"relevant":[165],"stakeholders":[166,219,232],"engaged":[167],"within":[172],"private":[173],"Sweden.":[176],"The":[177,185],"findings":[178],"reveal":[179],"eight":[180],"key":[181],"objectives.":[184],"results":[186],"indicate":[187],"level":[190,212],"varies":[197],"across":[198],"objectives,":[200],"ranging":[201],"high":[203,211],"medium":[205],"low.":[207],"achieve":[209],"for":[216],"must":[220],"understand":[221],"not":[226],"solely":[227],"technical":[229],"document.":[230],"Furthermore,":[231],"need":[233],"possess":[235],"appropriate":[237],"skills":[240],"navigate":[246],"work":[248],"while":[249],"leveraging":[250],"support":[252],"provided":[253],"by":[254],"standard.":[256]},"counts_by_year":[{"year":2026,"cited_by_count":4},{"year":2025,"cited_by_count":7},{"year":2024,"cited_by_count":8},{"year":2023,"cited_by_count":1}],"updated_date":"2025-12-29T23:06:16.900395","created_date":"2025-10-10T00:00:00"}