{"id":"https://openalex.org/W2549386862","doi":"https://doi.org/10.1108/ics-07-2015-0030","title":"Mapping information security standard ISO 27002 to an ontological structure","display_name":"Mapping information security standard ISO 27002 to an ontological structure","publication_year":2016,"publication_date":"2016-11-14","ids":{"openalex":"https://openalex.org/W2549386862","doi":"https://doi.org/10.1108/ics-07-2015-0030","mag":"2549386862"},"language":"en","primary_location":{"id":"doi:10.1108/ics-07-2015-0030","is_oa":false,"landing_page_url":"https://doi.org/10.1108/ics-07-2015-0030","pdf_url":null,"source":{"id":"https://openalex.org/S4210195545","display_name":"Information and Computer Security","issn_l":"2056-4961","issn":["2056-4961","2056-497X"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319811","host_organization_name":"Emerald Publishing Limited","host_organization_lineage":["https://openalex.org/P4310319811"],"host_organization_lineage_names":["Emerald Publishing Limited"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Information &amp; Computer Security","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5001374797","display_name":"Stefan Fenz","orcid":"https://orcid.org/0000-0002-2880-1526"},"institutions":[{"id":"https://openalex.org/I145847075","display_name":"TU Wien","ror":"https://ror.org/04d836q62","country_code":"AT","type":"education","lineage":["https://openalex.org/I145847075"]}],"countries":["AT"],"is_corresponding":true,"raw_author_name":"Stefan Fenz","raw_affiliation_strings":["Institute of Software Technology and Interactive Systems, Vienna University of Technology, Vienna, Austria"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Institute of Software Technology and Interactive Systems, Vienna University of Technology, Vienna, Austria","institution_ids":["https://openalex.org/I145847075"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5003846098","display_name":"Stefanie Plieschnegger","orcid":null},"institutions":[{"id":"https://openalex.org/I4210144213","display_name":"Xylem (United States)","ror":"https://ror.org/04j6nkt56","country_code":"US","type":"company","lineage":["https://openalex.org/I4210144213"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Stefanie Plieschnegger","raw_affiliation_strings":["Xylem Technologies, Vienna, Austria"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Xylem Technologies, Vienna, Austria","institution_ids":["https://openalex.org/I4210144213"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5045490126","display_name":"Heidi Hobel","orcid":null},"institutions":[{"id":"https://openalex.org/I4210167190","display_name":"SBA Research","ror":"https://ror.org/05nny6x17","country_code":"AT","type":"facility","lineage":["https://openalex.org/I4210167190"]}],"countries":["AT"],"is_corresponding":false,"raw_author_name":"Heidi Hobel","raw_affiliation_strings":["SBA Research, Vienna, Austria"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"SBA Research, Vienna, Austria","institution_ids":["https://openalex.org/I4210167190"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5001374797"],"corresponding_institution_ids":["https://openalex.org/I145847075"],"apc_list":null,"apc_paid":null,"fwci":4.8313,"has_fulltext":false,"cited_by_count":25,"citation_normalized_percentile":{"value":0.95422538,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":90,"max":98},"biblio":{"volume":"24","issue":"5","first_page":"452","last_page":"473"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9995999932289124,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9995999932289124,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T13295","display_name":"Safety Systems Engineering in Autonomy","score":0.9884999990463257,"subfield":{"id":"https://openalex.org/subfields/2213","display_name":"Safety, Risk, Reliability and Quality"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10917","display_name":"Smart Grid Security and Resilience","score":0.9797999858856201,"subfield":{"id":"https://openalex.org/subfields/2207","display_name":"Control and Systems Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/standard-of-good-practice","display_name":"Standard of Good Practice","score":0.6138558983802795},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.5971252918243408},{"id":"https://openalex.org/keywords/information-security","display_name":"Information security","score":0.5277336835861206},{"id":"https://openalex.org/keywords/information-security-standards","display_name":"Information security standards","score":0.4717826545238495},{"id":"https://openalex.org/keywords/security-controls","display_name":"Security controls","score":0.4574427604675293},{"id":"https://openalex.org/keywords/representation","display_name":"Representation (politics)","score":0.4526864290237427},{"id":"https://openalex.org/keywords/process","display_name":"Process (computing)","score":0.45046326518058777},{"id":"https://openalex.org/keywords/control","display_name":"Control (management)","score":0.4117845296859741},{"id":"https://openalex.org/keywords/knowledge-management","display_name":"Knowledge management","score":0.4040556848049164},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.3960326015949249},{"id":"https://openalex.org/keywords/process-management","display_name":"Process management","score":0.36171895265579224},{"id":"https://openalex.org/keywords/risk-analysis","display_name":"Risk analysis (engineering)","score":0.3275739848613739},{"id":"https://openalex.org/keywords/business","display_name":"Business","score":0.28340551257133484},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.11894890666007996},{"id":"https://openalex.org/keywords/security-service","display_name":"Security service","score":0.09538513422012329},{"id":"https://openalex.org/keywords/political-science","display_name":"Political science","score":0.07452413439750671}],"concepts":[{"id":"https://openalex.org/C47309137","wikidata":"https://www.wikidata.org/wiki/Q7598357","display_name":"Standard of Good Practice","level":5,"score":0.6138558983802795},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.5971252918243408},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.5277336835861206},{"id":"https://openalex.org/C139547956","wikidata":"https://www.wikidata.org/wiki/Q6031202","display_name":"Information security standards","level":5,"score":0.4717826545238495},{"id":"https://openalex.org/C178148461","wikidata":"https://www.wikidata.org/wiki/Q1632136","display_name":"Security controls","level":3,"score":0.4574427604675293},{"id":"https://openalex.org/C2776359362","wikidata":"https://www.wikidata.org/wiki/Q2145286","display_name":"Representation (politics)","level":3,"score":0.4526864290237427},{"id":"https://openalex.org/C98045186","wikidata":"https://www.wikidata.org/wiki/Q205663","display_name":"Process (computing)","level":2,"score":0.45046326518058777},{"id":"https://openalex.org/C2775924081","wikidata":"https://www.wikidata.org/wiki/Q55608371","display_name":"Control (management)","level":2,"score":0.4117845296859741},{"id":"https://openalex.org/C56739046","wikidata":"https://www.wikidata.org/wiki/Q192060","display_name":"Knowledge management","level":1,"score":0.4040556848049164},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.3960326015949249},{"id":"https://openalex.org/C195094911","wikidata":"https://www.wikidata.org/wiki/Q14167904","display_name":"Process management","level":1,"score":0.36171895265579224},{"id":"https://openalex.org/C112930515","wikidata":"https://www.wikidata.org/wiki/Q4389547","display_name":"Risk analysis (engineering)","level":1,"score":0.3275739848613739},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.28340551257133484},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.11894890666007996},{"id":"https://openalex.org/C29983905","wikidata":"https://www.wikidata.org/wiki/Q7445066","display_name":"Security service","level":3,"score":0.09538513422012329},{"id":"https://openalex.org/C17744445","wikidata":"https://www.wikidata.org/wiki/Q36442","display_name":"Political science","level":0,"score":0.07452413439750671},{"id":"https://openalex.org/C94625758","wikidata":"https://www.wikidata.org/wiki/Q7163","display_name":"Politics","level":2,"score":0.0},{"id":"https://openalex.org/C199539241","wikidata":"https://www.wikidata.org/wiki/Q7748","display_name":"Law","level":1,"score":0.0},{"id":"https://openalex.org/C117110713","wikidata":"https://www.wikidata.org/wiki/Q3394676","display_name":"Network security policy","level":4,"score":0.0},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1108/ics-07-2015-0030","is_oa":false,"landing_page_url":"https://doi.org/10.1108/ics-07-2015-0030","pdf_url":null,"source":{"id":"https://openalex.org/S4210195545","display_name":"Information and Computer Security","issn_l":"2056-4961","issn":["2056-4961","2056-497X"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319811","host_organization_name":"Emerald Publishing Limited","host_organization_lineage":["https://openalex.org/P4310319811"],"host_organization_lineage_names":["Emerald Publishing Limited"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Information &amp; Computer Security","raw_type":"journal-article"}],"best_oa_location":null,"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/9","score":0.6299999952316284,"display_name":"Industry, innovation and infrastructure"}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":17,"referenced_works":["https://openalex.org/W416981147","https://openalex.org/W1500529282","https://openalex.org/W1594589021","https://openalex.org/W1881860748","https://openalex.org/W1987826190","https://openalex.org/W1996395004","https://openalex.org/W2012644581","https://openalex.org/W2030684361","https://openalex.org/W2039683880","https://openalex.org/W2052086751","https://openalex.org/W2063704486","https://openalex.org/W2121697735","https://openalex.org/W2132714103","https://openalex.org/W2134620015","https://openalex.org/W2145071552","https://openalex.org/W4238409446","https://openalex.org/W4243161795"],"related_works":["https://openalex.org/W2138802450","https://openalex.org/W2126017555","https://openalex.org/W2948947981","https://openalex.org/W17496231","https://openalex.org/W4293560903","https://openalex.org/W2066297175","https://openalex.org/W2188103875","https://openalex.org/W2187812141","https://openalex.org/W3198221199","https://openalex.org/W2116267437"],"abstract_inverted_index":{"Purpose":[0],"The":[1,119],"purpose":[2],"of":[3,11,23,74,95,114,125,143],"this":[4],"paper":[5,90],"is":[6,30],"to":[7,68,78,139],"increase":[8,140],"the":[9,24,35,66,71,79,93,115,126,141,144],"degree":[10],"automation":[12],"within":[13],"information":[14,29],"security":[15,54,134],"compliance":[16,96,145],"projects":[17],"by":[18,101],"introducing":[19],"a":[20,111,122,133],"formal":[21,112,123],"representation":[22,113,124],"ISO":[25,104,127],"27002":[26,105,128],"standard.":[27],"As":[28],"becoming":[31],"more":[32],"valuable":[33],"and":[34,56,82,130],"current":[36],"businesses":[37],"face":[38],"frequent":[39],"attacks":[40],"on":[41],"their":[42,49],"infrastructure,":[43],"enterprises":[44],"need":[45],"support":[46],"at":[47],"protecting":[48,62],"information-based":[50],"assets.":[51,64,117],"Design/methodology/approach":[52],"Information":[53],"standards":[55,81],"guidelines":[57,83],"provide":[58],"baseline":[59],"knowledge":[60],"for":[61],"corporate":[63],"However,":[65],"efforts":[67],"check":[69],"whether":[70],"implemented":[72],"measures":[73],"an":[75],"organization":[76],"adhere":[77],"proposed":[80],"are":[84],"still":[85],"significantly":[86],"high.":[87],"Findings":[88],"This":[89],"shows":[91],"how":[92,132],"process":[94],"checking":[97,146],"can":[98,136],"be":[99,137],"supported":[100],"using":[102],"machine-readable":[103],"control":[106],"descriptions":[107],"in":[108],"combination":[109],"with":[110],"organization\u2019s":[116],"Originality/value":[118],"authors":[120],"created":[121],"standard":[129],"showed":[131],"ontology":[135],"used":[138],"efficiency":[142],"process.":[147]},"counts_by_year":[{"year":2026,"cited_by_count":1},{"year":2025,"cited_by_count":1},{"year":2024,"cited_by_count":5},{"year":2023,"cited_by_count":3},{"year":2022,"cited_by_count":4},{"year":2021,"cited_by_count":2},{"year":2020,"cited_by_count":2},{"year":2019,"cited_by_count":4},{"year":2018,"cited_by_count":2},{"year":2017,"cited_by_count":1}],"updated_date":"2026-05-21T06:26:12.895304","created_date":"2025-10-10T00:00:00"}