{"id":"https://openalex.org/W2081657462","doi":"https://doi.org/10.1108/09685220810908796","title":"Implementation and effectiveness of organizational information security measures","display_name":"Implementation and effectiveness of organizational information security measures","publication_year":2008,"publication_date":"2008-10-10","ids":{"openalex":"https://openalex.org/W2081657462","doi":"https://doi.org/10.1108/09685220810908796","mag":"2081657462"},"language":"en","primary_location":{"id":"doi:10.1108/09685220810908796","is_oa":false,"landing_page_url":"https://doi.org/10.1108/09685220810908796","pdf_url":null,"source":{"id":"https://openalex.org/S204075876","display_name":"Information Management & Computer Security","issn_l":"0968-5227","issn":["0968-5227","1758-5805"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319811","host_organization_name":"Emerald Publishing Limited","host_organization_lineage":["https://openalex.org/P4310319811"],"host_organization_lineage_names":["Emerald Publishing Limited"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Information Management &amp; Computer Security","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5030738602","display_name":"Janne Merete Hagen","orcid":"https://orcid.org/0000-0001-5900-7061"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Janne Merete Hagen","raw_affiliation_strings":["Gj\u00f8vik University College, Gj\u00f8vik, Norway"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Gj\u00f8vik University College, Gj\u00f8vik, Norway","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5070195256","display_name":"Eirik Albrechtsen","orcid":"https://orcid.org/0000-0002-8515-6535"},"institutions":[{"id":"https://openalex.org/I173888879","display_name":"SINTEF","ror":"https://ror.org/01f677e56","country_code":"NO","type":"facility","lineage":["https://openalex.org/I173888879"]},{"id":"https://openalex.org/I204778367","display_name":"Norwegian University of Science and Technology","ror":"https://ror.org/05xg72x27","country_code":"NO","type":"education","lineage":["https://openalex.org/I204778367"]}],"countries":["NO"],"is_corresponding":false,"raw_author_name":"Eirik Albrechtsen","raw_affiliation_strings":["Norwegian University of Science and Technology, Trondheim, Norway SINTEF Technology and Science, Trondheim, Norway"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Norwegian University of Science and Technology, Trondheim, Norway SINTEF Technology and Science, Trondheim, Norway","institution_ids":["https://openalex.org/I204778367","https://openalex.org/I173888879"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5025212936","display_name":"Jan Fredrik Hovden","orcid":null},"institutions":[{"id":"https://openalex.org/I204778367","display_name":"Norwegian University of Science and Technology","ror":"https://ror.org/05xg72x27","country_code":"NO","type":"education","lineage":["https://openalex.org/I204778367"]}],"countries":["NO"],"is_corresponding":false,"raw_author_name":"Jan Hovden","raw_affiliation_strings":["Norwegian University of Science and Technology, Trondheim, Norway"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Norwegian University of Science and Technology, Trondheim, Norway","institution_ids":["https://openalex.org/I204778367"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":16.6384,"has_fulltext":false,"cited_by_count":149,"citation_normalized_percentile":{"value":0.98835556,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":95,"max":100},"biblio":{"volume":"16","issue":"4","first_page":"377","last_page":"397"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9973000288009644,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12519","display_name":"Cybercrime and Law Enforcement Studies","score":0.9934999942779541,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/information-security","display_name":"Information security","score":0.6454519033432007},{"id":"https://openalex.org/keywords/information-security-management","display_name":"Information security management","score":0.6185812950134277},{"id":"https://openalex.org/keywords/knowledge-management","display_name":"Knowledge management","score":0.502068042755127},{"id":"https://openalex.org/keywords/business","display_name":"Business","score":0.48603612184524536},{"id":"https://openalex.org/keywords/organizational-effectiveness","display_name":"Organizational effectiveness","score":0.4666576087474823},{"id":"https://openalex.org/keywords/information-security-audit","display_name":"Information security audit","score":0.4637508988380432},{"id":"https://openalex.org/keywords/security-management","display_name":"Security management","score":0.4232894778251648},{"id":"https://openalex.org/keywords/organizational-performance","display_name":"Organizational performance","score":0.42120814323425293},{"id":"https://openalex.org/keywords/information-security-standards","display_name":"Information security standards","score":0.41528624296188354},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.34871578216552734},{"id":"https://openalex.org/keywords/security-information-and-event-management","display_name":"Security information and event management","score":0.32179024815559387},{"id":"https://openalex.org/keywords/security-service","display_name":"Security service","score":0.2474849820137024},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.22038227319717407},{"id":"https://openalex.org/keywords/cloud-computing-security","display_name":"Cloud computing security","score":0.20882296562194824},{"id":"https://openalex.org/keywords/network-security-policy","display_name":"Network security policy","score":0.15044459700584412}],"concepts":[{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.6454519033432007},{"id":"https://openalex.org/C148976360","wikidata":"https://www.wikidata.org/wiki/Q1662500","display_name":"Information security management","level":5,"score":0.6185812950134277},{"id":"https://openalex.org/C56739046","wikidata":"https://www.wikidata.org/wiki/Q192060","display_name":"Knowledge management","level":1,"score":0.502068042755127},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.48603612184524536},{"id":"https://openalex.org/C108363010","wikidata":"https://www.wikidata.org/wiki/Q7102014","display_name":"Organizational effectiveness","level":2,"score":0.4666576087474823},{"id":"https://openalex.org/C39358052","wikidata":"https://www.wikidata.org/wiki/Q2578632","display_name":"Information security audit","level":5,"score":0.4637508988380432},{"id":"https://openalex.org/C83163435","wikidata":"https://www.wikidata.org/wiki/Q3954104","display_name":"Security management","level":2,"score":0.4232894778251648},{"id":"https://openalex.org/C165672731","wikidata":"https://www.wikidata.org/wiki/Q25047583","display_name":"Organizational performance","level":2,"score":0.42120814323425293},{"id":"https://openalex.org/C139547956","wikidata":"https://www.wikidata.org/wiki/Q6031202","display_name":"Information security standards","level":5,"score":0.41528624296188354},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.34871578216552734},{"id":"https://openalex.org/C103377522","wikidata":"https://www.wikidata.org/wiki/Q3493999","display_name":"Security information and event management","level":4,"score":0.32179024815559387},{"id":"https://openalex.org/C29983905","wikidata":"https://www.wikidata.org/wiki/Q7445066","display_name":"Security service","level":3,"score":0.2474849820137024},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.22038227319717407},{"id":"https://openalex.org/C184842701","wikidata":"https://www.wikidata.org/wiki/Q370563","display_name":"Cloud computing security","level":3,"score":0.20882296562194824},{"id":"https://openalex.org/C117110713","wikidata":"https://www.wikidata.org/wiki/Q3394676","display_name":"Network security policy","level":4,"score":0.15044459700584412},{"id":"https://openalex.org/C79974875","wikidata":"https://www.wikidata.org/wiki/Q483639","display_name":"Cloud computing","level":2,"score":0.0},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1108/09685220810908796","is_oa":false,"landing_page_url":"https://doi.org/10.1108/09685220810908796","pdf_url":null,"source":{"id":"https://openalex.org/S204075876","display_name":"Information Management & Computer Security","issn_l":"0968-5227","issn":["0968-5227","1758-5805"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319811","host_organization_name":"Emerald Publishing Limited","host_organization_lineage":["https://openalex.org/P4310319811"],"host_organization_lineage_names":["Emerald Publishing Limited"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Information Management &amp; Computer Security","raw_type":"journal-article"}],"best_oa_location":null,"sustainable_development_goals":[{"score":0.4399999976158142,"id":"https://metadata.un.org/sdg/16","display_name":"Peace, Justice and strong institutions"}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":42,"referenced_works":["https://openalex.org/W264217655","https://openalex.org/W322391649","https://openalex.org/W657731981","https://openalex.org/W789529598","https://openalex.org/W1480210583","https://openalex.org/W1516532723","https://openalex.org/W1548502819","https://openalex.org/W1932076813","https://openalex.org/W1966669815","https://openalex.org/W1980198818","https://openalex.org/W1982441013","https://openalex.org/W1986019440","https://openalex.org/W1991953824","https://openalex.org/W1997603734","https://openalex.org/W1998395566","https://openalex.org/W2025043113","https://openalex.org/W2037697692","https://openalex.org/W2045248337","https://openalex.org/W2049183845","https://openalex.org/W2049188895","https://openalex.org/W2049571112","https://openalex.org/W2054994890","https://openalex.org/W2056075452","https://openalex.org/W2062830664","https://openalex.org/W2081683552","https://openalex.org/W2083839828","https://openalex.org/W2084044852","https://openalex.org/W2085697562","https://openalex.org/W2091494072","https://openalex.org/W2092052260","https://openalex.org/W2103768768","https://openalex.org/W2104880015","https://openalex.org/W2122413203","https://openalex.org/W2126826472","https://openalex.org/W2168393938","https://openalex.org/W2514365227","https://openalex.org/W2603519869","https://openalex.org/W2999550365","https://openalex.org/W4230331132","https://openalex.org/W4285719527","https://openalex.org/W6609743119","https://openalex.org/W6735806904"],"related_works":["https://openalex.org/W2584162156","https://openalex.org/W3005750480","https://openalex.org/W4386208045","https://openalex.org/W4285359482","https://openalex.org/W3159280571","https://openalex.org/W4230628385","https://openalex.org/W2126017555","https://openalex.org/W2188290711","https://openalex.org/W1919881717","https://openalex.org/W19906931"],"abstract_inverted_index":{"Purpose":[0],"The":[1],"purpose":[2],"of":[3,11,20,39,65,108,116,129,140,150],"this":[4],"paper":[5],"is":[6],"to":[7,75],"study":[8,100,147],"the":[9,18,54,73,83,99,106,117,126,138,145],"implementation":[10,107],"organizational":[12,58,93,109,118,142,151],"information":[13,33,59,110,119,130],"security":[14,34,44,48,60,111,120,143,152],"measures":[15,45,61,94,112],"and":[16,28,51,113],"assess":[17],"effectiveness":[19,115,139],"such":[21,46],"measures.":[22,121,153],"Design/methodology/approach":[23],"A":[24],"survey":[25],"was":[26],"designed":[27],"data":[29],"were":[30],"collected":[31],"from":[32],"managers":[35],"in":[36,62],"a":[37,63,76],"selection":[38],"Norwegian":[40,66],"organizations.":[41,67],"Findings":[42],"Technical\u2010administrative":[43],"as":[47,89],"policies,":[49],"procedures":[50],"methods":[52],"are":[53,70,81,87],"most":[55,133],"commonly":[56],"implemented":[57],"sample":[64],"Awareness\u2010creating":[68],"activities":[69],"applied":[71],"by":[72],"organizations":[74],"considerably":[77],"lesser":[78],"extent,":[79],"but":[80],"at":[82,137],"same":[84],"time":[85],"these":[86],"assessed":[88,114],"being":[90],"more":[91],"effective":[92],"than":[95],"technical\u2010administrative":[96],"ones.":[97],"Consequently,":[98],"shows":[101],"an":[102],"inverse":[103],"relationship":[104],"between":[105],"Originality/value":[122],"Provides":[123],"insight":[124],"into":[125],"non\u2010technological":[127],"side":[128],"security.":[131],"While":[132],"other":[134],"studies":[135],"look":[136],"single":[141],"measures,":[144],"present":[146],"considers":[148],"combinations":[149]},"counts_by_year":[{"year":2026,"cited_by_count":1},{"year":2025,"cited_by_count":4},{"year":2024,"cited_by_count":5},{"year":2023,"cited_by_count":4},{"year":2022,"cited_by_count":8},{"year":2021,"cited_by_count":8},{"year":2020,"cited_by_count":7},{"year":2019,"cited_by_count":8},{"year":2018,"cited_by_count":13},{"year":2017,"cited_by_count":11},{"year":2016,"cited_by_count":8},{"year":2015,"cited_by_count":12},{"year":2014,"cited_by_count":10},{"year":2013,"cited_by_count":12},{"year":2012,"cited_by_count":19}],"updated_date":"2026-06-11T09:08:48.828518","created_date":"2025-10-10T00:00:00"}
