{"id":"https://openalex.org/W2087445058","doi":"https://doi.org/10.1016/s0167-4048(00)87829-3","title":"A Formalized Approach to the Effective Selection and Evaluation of Information Security Controls","display_name":"A Formalized Approach to the Effective Selection and Evaluation of Information Security Controls","publication_year":2000,"publication_date":"2000-02-01","ids":{"openalex":"https://openalex.org/W2087445058","doi":"https://doi.org/10.1016/s0167-4048(00)87829-3","mag":"2087445058"},"language":"en","primary_location":{"id":"doi:10.1016/s0167-4048(00)87829-3","is_oa":false,"landing_page_url":"https://doi.org/10.1016/s0167-4048(00)87829-3","pdf_url":null,"source":{"id":"https://openalex.org/S12529635","display_name":"Computers & Security","issn_l":"0167-4048","issn":["0167-4048","1872-6208"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320990","host_organization_name":"Elsevier BV","host_organization_lineage":["https://openalex.org/P4310320990"],"host_organization_lineage_names":["Elsevier BV"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Computers &amp; Security","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5046732934","display_name":"Lynette Barnard","orcid":null},"institutions":[],"countries":[],"is_corresponding":true,"raw_author_name":"Lynette Barnard","raw_affiliation_strings":["Department of Information Technology, Port Elizabeth Technikon, Private Bag X6011, Port Elizabeth 6000, South Africa","Department of Information Technology, Port Elizabeth Technikon, Private Bag X6011, Port Elizabeth 6000, South Africa#TAB#"],"affiliations":[{"raw_affiliation_string":"Department of Information Technology, Port Elizabeth Technikon, Private Bag X6011, Port Elizabeth 6000, South Africa","institution_ids":[]},{"raw_affiliation_string":"Department of Information Technology, Port Elizabeth Technikon, Private Bag X6011, Port Elizabeth 6000, South Africa#TAB#","institution_ids":[]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5020056259","display_name":"Rossouw von Solms","orcid":"https://orcid.org/0000-0002-9860-2346"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Rossouw von Solms","raw_affiliation_strings":["Department of Information Technology, Port Elizabeth Technikon, Private Bag X6011, Port Elizabeth 6000, South Africa","Department of Information Technology, Port Elizabeth Technikon, Private Bag X6011, Port Elizabeth 6000, South Africa#TAB#"],"affiliations":[{"raw_affiliation_string":"Department of Information Technology, Port Elizabeth Technikon, Private Bag X6011, Port Elizabeth 6000, South Africa","institution_ids":[]},{"raw_affiliation_string":"Department of Information Technology, Port Elizabeth Technikon, Private Bag X6011, Port Elizabeth 6000, South Africa#TAB#","institution_ids":[]}]}],"institutions":[],"countries_distinct_count":0,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5046732934"],"corresponding_institution_ids":[],"apc_list":{"value":3190,"currency":"USD","value_usd":3190},"apc_paid":null,"fwci":6.4687,"has_fulltext":false,"cited_by_count":60,"citation_normalized_percentile":{"value":0.96502038,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":89,"max":99},"biblio":{"volume":"19","issue":"2","first_page":"185","last_page":"194"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9889000058174133,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9889000058174133,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T13999","display_name":"Digital Rights Management and Security","score":0.9656000137329102,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10927","display_name":"Access Control and Trust","score":0.954800009727478,"subfield":{"id":"https://openalex.org/subfields/3312","display_name":"Sociology and Political Science"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/certification","display_name":"Certification","score":0.7333391904830933},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7014455199241638},{"id":"https://openalex.org/keywords/security-controls","display_name":"Security controls","score":0.6832519173622131},{"id":"https://openalex.org/keywords/set","display_name":"Set (abstract data type)","score":0.6148306131362915},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5893974304199219},{"id":"https://openalex.org/keywords/identification","display_name":"Identification (biology)","score":0.5585412383079529},{"id":"https://openalex.org/keywords/selection","display_name":"Selection (genetic algorithm)","score":0.5578815340995789},{"id":"https://openalex.org/keywords/information-security","display_name":"Information security","score":0.5493162274360657},{"id":"https://openalex.org/keywords/information-security-management","display_name":"Information security management","score":0.49247369170188904},{"id":"https://openalex.org/keywords/information-security-standards","display_name":"Information security standards","score":0.4866560101509094},{"id":"https://openalex.org/keywords/control","display_name":"Control (management)","score":0.46520835161209106},{"id":"https://openalex.org/keywords/certified-information-security-manager","display_name":"Certified Information Security Manager","score":0.46458700299263},{"id":"https://openalex.org/keywords/security-information-and-event-management","display_name":"Security information and event management","score":0.45757269859313965},{"id":"https://openalex.org/keywords/security-policy","display_name":"Security policy","score":0.4528922438621521},{"id":"https://openalex.org/keywords/risk-analysis","display_name":"Risk analysis (engineering)","score":0.4526576101779938},{"id":"https://openalex.org/keywords/standard-of-good-practice","display_name":"Standard of Good Practice","score":0.4473332166671753},{"id":"https://openalex.org/keywords/order","display_name":"Order (exchange)","score":0.43348515033721924},{"id":"https://openalex.org/keywords/security-service","display_name":"Security service","score":0.38053280115127563},{"id":"https://openalex.org/keywords/cloud-computing-security","display_name":"Cloud computing security","score":0.33777308464050293},{"id":"https://openalex.org/keywords/business","display_name":"Business","score":0.2575148344039917},{"id":"https://openalex.org/keywords/network-security-policy","display_name":"Network security policy","score":0.18101271986961365}],"concepts":[{"id":"https://openalex.org/C46304622","wikidata":"https://www.wikidata.org/wiki/Q374814","display_name":"Certification","level":2,"score":0.7333391904830933},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7014455199241638},{"id":"https://openalex.org/C178148461","wikidata":"https://www.wikidata.org/wiki/Q1632136","display_name":"Security controls","level":3,"score":0.6832519173622131},{"id":"https://openalex.org/C177264268","wikidata":"https://www.wikidata.org/wiki/Q1514741","display_name":"Set (abstract data type)","level":2,"score":0.6148306131362915},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5893974304199219},{"id":"https://openalex.org/C116834253","wikidata":"https://www.wikidata.org/wiki/Q2039217","display_name":"Identification (biology)","level":2,"score":0.5585412383079529},{"id":"https://openalex.org/C81917197","wikidata":"https://www.wikidata.org/wiki/Q628760","display_name":"Selection (genetic algorithm)","level":2,"score":0.5578815340995789},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.5493162274360657},{"id":"https://openalex.org/C148976360","wikidata":"https://www.wikidata.org/wiki/Q1662500","display_name":"Information security management","level":5,"score":0.49247369170188904},{"id":"https://openalex.org/C139547956","wikidata":"https://www.wikidata.org/wiki/Q6031202","display_name":"Information security standards","level":5,"score":0.4866560101509094},{"id":"https://openalex.org/C2775924081","wikidata":"https://www.wikidata.org/wiki/Q55608371","display_name":"Control (management)","level":2,"score":0.46520835161209106},{"id":"https://openalex.org/C180823521","wikidata":"https://www.wikidata.org/wiki/Q1662502","display_name":"Certified Information Security Manager","level":5,"score":0.46458700299263},{"id":"https://openalex.org/C103377522","wikidata":"https://www.wikidata.org/wiki/Q3493999","display_name":"Security information and event management","level":4,"score":0.45757269859313965},{"id":"https://openalex.org/C154908896","wikidata":"https://www.wikidata.org/wiki/Q2167404","display_name":"Security policy","level":2,"score":0.4528922438621521},{"id":"https://openalex.org/C112930515","wikidata":"https://www.wikidata.org/wiki/Q4389547","display_name":"Risk analysis (engineering)","level":1,"score":0.4526576101779938},{"id":"https://openalex.org/C47309137","wikidata":"https://www.wikidata.org/wiki/Q7598357","display_name":"Standard of Good Practice","level":5,"score":0.4473332166671753},{"id":"https://openalex.org/C182306322","wikidata":"https://www.wikidata.org/wiki/Q1779371","display_name":"Order (exchange)","level":2,"score":0.43348515033721924},{"id":"https://openalex.org/C29983905","wikidata":"https://www.wikidata.org/wiki/Q7445066","display_name":"Security service","level":3,"score":0.38053280115127563},{"id":"https://openalex.org/C184842701","wikidata":"https://www.wikidata.org/wiki/Q370563","display_name":"Cloud computing security","level":3,"score":0.33777308464050293},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.2575148344039917},{"id":"https://openalex.org/C117110713","wikidata":"https://www.wikidata.org/wiki/Q3394676","display_name":"Network security policy","level":4,"score":0.18101271986961365},{"id":"https://openalex.org/C17744445","wikidata":"https://www.wikidata.org/wiki/Q36442","display_name":"Political science","level":0,"score":0.0},{"id":"https://openalex.org/C59822182","wikidata":"https://www.wikidata.org/wiki/Q441","display_name":"Botany","level":1,"score":0.0},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.0},{"id":"https://openalex.org/C10138342","wikidata":"https://www.wikidata.org/wiki/Q43015","display_name":"Finance","level":1,"score":0.0},{"id":"https://openalex.org/C79974875","wikidata":"https://www.wikidata.org/wiki/Q483639","display_name":"Cloud computing","level":2,"score":0.0},{"id":"https://openalex.org/C86803240","wikidata":"https://www.wikidata.org/wiki/Q420","display_name":"Biology","level":0,"score":0.0},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.0},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.0},{"id":"https://openalex.org/C199539241","wikidata":"https://www.wikidata.org/wiki/Q7748","display_name":"Law","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1016/s0167-4048(00)87829-3","is_oa":false,"landing_page_url":"https://doi.org/10.1016/s0167-4048(00)87829-3","pdf_url":null,"source":{"id":"https://openalex.org/S12529635","display_name":"Computers & Security","issn_l":"0167-4048","issn":["0167-4048","1872-6208"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320990","host_organization_name":"Elsevier BV","host_organization_lineage":["https://openalex.org/P4310320990"],"host_organization_lineage_names":["Elsevier BV"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Computers &amp; Security","raw_type":"journal-article"}],"best_oa_location":null,"sustainable_development_goals":[{"display_name":"Partnerships for the goals","score":0.49000000953674316,"id":"https://metadata.un.org/sdg/17"}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":2,"referenced_works":["https://openalex.org/W1877097291","https://openalex.org/W2104394547"],"related_works":["https://openalex.org/W40842196","https://openalex.org/W2483557577","https://openalex.org/W1567258312","https://openalex.org/W2584162156","https://openalex.org/W2049188895","https://openalex.org/W2000891179","https://openalex.org/W2126017555","https://openalex.org/W2741061559","https://openalex.org/W2003676537","https://openalex.org/W1988974780"],"abstract_inverted_index":null,"counts_by_year":[{"year":2025,"cited_by_count":2},{"year":2022,"cited_by_count":1},{"year":2021,"cited_by_count":5},{"year":2020,"cited_by_count":7},{"year":2019,"cited_by_count":10},{"year":2018,"cited_by_count":3},{"year":2016,"cited_by_count":1},{"year":2015,"cited_by_count":2},{"year":2014,"cited_by_count":1},{"year":2013,"cited_by_count":2},{"year":2012,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}