{"id":"https://openalex.org/W2072086471","doi":"https://doi.org/10.1108/09685220710738787","title":"A strategic modeling technique for information security risk assessment","display_name":"A strategic modeling technique for information security risk assessment","publication_year":2007,"publication_date":"2007-02-27","ids":{"openalex":"https://openalex.org/W2072086471","doi":"https://doi.org/10.1108/09685220710738787","mag":"2072086471"},"language":"en","primary_location":{"id":"doi:10.1108/09685220710738787","is_oa":false,"landing_page_url":"https://doi.org/10.1108/09685220710738787","pdf_url":null,"source":{"id":"https://openalex.org/S204075876","display_name":"Information Management & Computer Security","issn_l":"0968-5227","issn":["0968-5227","1758-5805"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319811","host_organization_name":"Emerald Publishing Limited","host_organization_lineage":["https://openalex.org/P4310319811"],"host_organization_lineage_names":["Emerald Publishing Limited"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Information Management &amp; Computer Security","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5071044815","display_name":"Subhas Chandra Misra","orcid":"https://orcid.org/0000-0002-8254-7135"},"institutions":[{"id":"https://openalex.org/I67031392","display_name":"Carleton University","ror":"https://ror.org/02qtvee93","country_code":"CA","type":"education","lineage":["https://openalex.org/I67031392"]}],"countries":["CA"],"is_corresponding":true,"raw_author_name":"Subhas C. Misra","raw_affiliation_strings":["School of Business, Carleton University, Ottawa, Canada"],"affiliations":[{"raw_affiliation_string":"School of Business, Carleton University, Ottawa, Canada","institution_ids":["https://openalex.org/I67031392"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5104356638","display_name":"Vinod Kumar","orcid":"https://orcid.org/0000-0002-7207-248X"},"institutions":[{"id":"https://openalex.org/I67031392","display_name":"Carleton University","ror":"https://ror.org/02qtvee93","country_code":"CA","type":"education","lineage":["https://openalex.org/I67031392"]}],"countries":["CA"],"is_corresponding":false,"raw_author_name":"Vinod Kumar","raw_affiliation_strings":["School of Business, Carleton University, Ottawa, Canada"],"affiliations":[{"raw_affiliation_string":"School of Business, Carleton University, Ottawa, Canada","institution_ids":["https://openalex.org/I67031392"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5071246155","display_name":"Uma Kumar","orcid":"https://orcid.org/0000-0003-4255-1065"},"institutions":[{"id":"https://openalex.org/I67031392","display_name":"Carleton University","ror":"https://ror.org/02qtvee93","country_code":"CA","type":"education","lineage":["https://openalex.org/I67031392"]}],"countries":["CA"],"is_corresponding":false,"raw_author_name":"Uma Kumar","raw_affiliation_strings":["School of Business, Carleton University, Ottawa, Canada"],"affiliations":[{"raw_affiliation_string":"School of Business, Carleton University, Ottawa, Canada","institution_ids":["https://openalex.org/I67031392"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5071044815"],"corresponding_institution_ids":["https://openalex.org/I67031392"],"apc_list":null,"apc_paid":null,"fwci":3.2854,"has_fulltext":false,"cited_by_count":22,"citation_normalized_percentile":{"value":0.92385101,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":89,"max":99},"biblio":{"volume":"15","issue":"1","first_page":"64","last_page":"77"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10639","display_name":"Advanced Software Engineering Methodologies","score":0.9991000294685364,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10639","display_name":"Advanced Software Engineering Methodologies","score":0.9991000294685364,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.9984999895095825,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9976000189781189,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6740376949310303},{"id":"https://openalex.org/keywords/risk-analysis","display_name":"Risk analysis (engineering)","score":0.573957085609436},{"id":"https://openalex.org/keywords/information-security","display_name":"Information security","score":0.5519992113113403},{"id":"https://openalex.org/keywords/information-system","display_name":"Information system","score":0.5158021450042725},{"id":"https://openalex.org/keywords/unified-modeling-language","display_name":"Unified Modeling Language","score":0.49445080757141113},{"id":"https://openalex.org/keywords/process","display_name":"Process (computing)","score":0.4899517595767975},{"id":"https://openalex.org/keywords/information-flow","display_name":"Information flow","score":0.46097224950790405},{"id":"https://openalex.org/keywords/information-security-management","display_name":"Information security management","score":0.4516628384590149},{"id":"https://openalex.org/keywords/risk-management","display_name":"Risk management","score":0.41932213306427},{"id":"https://openalex.org/keywords/knowledge-management","display_name":"Knowledge management","score":0.3872019052505493},{"id":"https://openalex.org/keywords/process-management","display_name":"Process management","score":0.378385990858078},{"id":"https://openalex.org/keywords/security-information-and-event-management","display_name":"Security information and event management","score":0.3532848358154297},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.30271267890930176},{"id":"https://openalex.org/keywords/business","display_name":"Business","score":0.20138907432556152},{"id":"https://openalex.org/keywords/engineering","display_name":"Engineering","score":0.12499284744262695},{"id":"https://openalex.org/keywords/cloud-computing-security","display_name":"Cloud computing security","score":0.10709008574485779}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6740376949310303},{"id":"https://openalex.org/C112930515","wikidata":"https://www.wikidata.org/wiki/Q4389547","display_name":"Risk analysis (engineering)","level":1,"score":0.573957085609436},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.5519992113113403},{"id":"https://openalex.org/C180198813","wikidata":"https://www.wikidata.org/wiki/Q121182","display_name":"Information system","level":2,"score":0.5158021450042725},{"id":"https://openalex.org/C145644426","wikidata":"https://www.wikidata.org/wiki/Q169411","display_name":"Unified Modeling Language","level":3,"score":0.49445080757141113},{"id":"https://openalex.org/C98045186","wikidata":"https://www.wikidata.org/wiki/Q205663","display_name":"Process (computing)","level":2,"score":0.4899517595767975},{"id":"https://openalex.org/C2779136372","wikidata":"https://www.wikidata.org/wiki/Q10283002","display_name":"Information flow","level":2,"score":0.46097224950790405},{"id":"https://openalex.org/C148976360","wikidata":"https://www.wikidata.org/wiki/Q1662500","display_name":"Information security management","level":5,"score":0.4516628384590149},{"id":"https://openalex.org/C32896092","wikidata":"https://www.wikidata.org/wiki/Q189447","display_name":"Risk management","level":2,"score":0.41932213306427},{"id":"https://openalex.org/C56739046","wikidata":"https://www.wikidata.org/wiki/Q192060","display_name":"Knowledge management","level":1,"score":0.3872019052505493},{"id":"https://openalex.org/C195094911","wikidata":"https://www.wikidata.org/wiki/Q14167904","display_name":"Process management","level":1,"score":0.378385990858078},{"id":"https://openalex.org/C103377522","wikidata":"https://www.wikidata.org/wiki/Q3493999","display_name":"Security information and event management","level":4,"score":0.3532848358154297},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.30271267890930176},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.20138907432556152},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.12499284744262695},{"id":"https://openalex.org/C184842701","wikidata":"https://www.wikidata.org/wiki/Q370563","display_name":"Cloud computing security","level":3,"score":0.10709008574485779},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.0},{"id":"https://openalex.org/C41895202","wikidata":"https://www.wikidata.org/wiki/Q8162","display_name":"Linguistics","level":1,"score":0.0},{"id":"https://openalex.org/C119599485","wikidata":"https://www.wikidata.org/wiki/Q43035","display_name":"Electrical engineering","level":1,"score":0.0},{"id":"https://openalex.org/C10138342","wikidata":"https://www.wikidata.org/wiki/Q43015","display_name":"Finance","level":1,"score":0.0},{"id":"https://openalex.org/C79974875","wikidata":"https://www.wikidata.org/wiki/Q483639","display_name":"Cloud computing","level":2,"score":0.0},{"id":"https://openalex.org/C138885662","wikidata":"https://www.wikidata.org/wiki/Q5891","display_name":"Philosophy","level":0,"score":0.0},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.0},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1108/09685220710738787","is_oa":false,"landing_page_url":"https://doi.org/10.1108/09685220710738787","pdf_url":null,"source":{"id":"https://openalex.org/S204075876","display_name":"Information Management & Computer Security","issn_l":"0968-5227","issn":["0968-5227","1758-5805"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319811","host_organization_name":"Emerald Publishing Limited","host_organization_lineage":["https://openalex.org/P4310319811"],"host_organization_lineage_names":["Emerald Publishing Limited"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Information Management &amp; Computer Security","raw_type":"journal-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":9,"referenced_works":["https://openalex.org/W1567181018","https://openalex.org/W1983117076","https://openalex.org/W2027093988","https://openalex.org/W2105539612","https://openalex.org/W2106228271","https://openalex.org/W2127399150","https://openalex.org/W4242182825","https://openalex.org/W4252710269","https://openalex.org/W4285719527"],"related_works":["https://openalex.org/W2120971814","https://openalex.org/W2508914475","https://openalex.org/W4310892428","https://openalex.org/W4293770853","https://openalex.org/W2356973015","https://openalex.org/W2934984010","https://openalex.org/W2362334938","https://openalex.org/W2777401565","https://openalex.org/W2033357182","https://openalex.org/W2248314326"],"abstract_inverted_index":{"Purpose":[0],"This":[1],"paper":[2],"seeks":[3],"to":[4,67],"present":[5],"a":[6,99,138],"conceptual":[7],"modeling":[8,77],"approach,":[9],"which":[10],"is":[11,25,101,111],"new":[12],"in":[13,39,72],"the":[14,33,44,53,57,86,93,109,112,120,123,131,135,142,148,154],"domain":[15],"of":[16,36,46,56,122,137],"information":[17,40,73],"systems":[18,74],"security":[19,37,69,125],"risk":[20,70,126],"assessment.":[21],"Design/methodology/approach":[22],"The":[23,117],"approach":[24,118],"helpful":[26],"for":[27],"performing":[28],"means\u2010end":[29],"analysis,":[30],"thereby":[31],"uncovering":[32],"structural":[34],"origin":[35],"risks":[38,48],"systems,":[41],"and":[42,84,91,140,145,151],"how":[43],"root\u2010causes":[45],"such":[47,79],"can":[49],"be":[50],"controlled":[51],"from":[52],"early":[54],"stages":[55],"projects.":[58],"Findings":[59],"Though":[60],"some":[61],"attempts":[62],"have":[63,89],"previously":[64],"been":[65],"made":[66],"model":[68],"assessment":[71,127],"using":[75],"conventional":[76],"techniques":[78],"as":[80],"data":[81],"flow":[82],"diagrams":[83],"UML,":[85],"previous":[87],"works":[88],"analyzed":[90],"modeled":[92],"same":[94],"just":[95],"by":[96,129],"addressing":[97],"\u201cwhat\u201d":[98],"process":[100,110],"like.":[102],"However,":[103],"they":[104],"do":[105],"not":[106],"address":[107],"\u201cwhy\u201d":[108],"way":[113],"it":[114],"is.":[115],"Originality/value":[116],"addresses":[119],"limitation":[121],"existing":[124],"models":[128],"exploring":[130],"strategic":[132],"dependencies":[133],"between":[134],"actors":[136],"system":[139],"analyzing":[141],"motivations,":[143],"intents":[144],"rationales":[146],"behind":[147],"different":[149],"entities":[150],"activities":[152],"constituting":[153],"system.":[155]},"counts_by_year":[{"year":2026,"cited_by_count":1},{"year":2022,"cited_by_count":2},{"year":2021,"cited_by_count":1},{"year":2019,"cited_by_count":1},{"year":2017,"cited_by_count":1},{"year":2015,"cited_by_count":1},{"year":2014,"cited_by_count":1},{"year":2012,"cited_by_count":4}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}