{"id":"https://openalex.org/W2068239667","doi":"https://doi.org/10.1109/isda.2010.5687022","title":"A quantitative framework for dependency-aware organizational IT Risk Management","display_name":"A quantitative framework for dependency-aware organizational IT Risk Management","publication_year":2010,"publication_date":"2010-11-01","ids":{"openalex":"https://openalex.org/W2068239667","doi":"https://doi.org/10.1109/isda.2010.5687022","mag":"2068239667"},"language":"en","primary_location":{"id":"doi:10.1109/isda.2010.5687022","is_oa":false,"landing_page_url":"https://doi.org/10.1109/isda.2010.5687022","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2010 10th International Conference on Intelligent Systems Design and Applications","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5062673118","display_name":"Stephan Schmidt","orcid":"https://orcid.org/0000-0002-4998-1167"},"institutions":[{"id":"https://openalex.org/I4210148503","display_name":"Fraunhofer Institute for Production Systems and Design Technology","ror":"https://ror.org/045eg9c12","country_code":"DE","type":"facility","lineage":["https://openalex.org/I4210148503","https://openalex.org/I4923324"]},{"id":"https://openalex.org/I4577782","display_name":"Technische Universit\u00e4t Berlin","ror":"https://ror.org/03v4gjf40","country_code":"DE","type":"education","lineage":["https://openalex.org/I4577782"]}],"countries":["DE"],"is_corresponding":true,"raw_author_name":"Stephan Schmidt","raw_affiliation_strings":["DAI Laboratories, Berlin Institute of Technology, Berlin, Germany","DAI Laboratories, Berlin Institute of Technology, Ernst-Reuter-Platz 7, 10587 Berlin, Germany"],"affiliations":[{"raw_affiliation_string":"DAI Laboratories, Berlin Institute of Technology, Berlin, Germany","institution_ids":["https://openalex.org/I4210148503","https://openalex.org/I4577782"]},{"raw_affiliation_string":"DAI Laboratories, Berlin Institute of Technology, Ernst-Reuter-Platz 7, 10587 Berlin, Germany","institution_ids":["https://openalex.org/I4210148503","https://openalex.org/I4577782"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5089847337","display_name":"\u015eahin Albayrak","orcid":"https://orcid.org/0000-0001-5092-4584"},"institutions":[{"id":"https://openalex.org/I4210148503","display_name":"Fraunhofer Institute for Production Systems and Design Technology","ror":"https://ror.org/045eg9c12","country_code":"DE","type":"facility","lineage":["https://openalex.org/I4210148503","https://openalex.org/I4923324"]},{"id":"https://openalex.org/I4577782","display_name":"Technische Universit\u00e4t Berlin","ror":"https://ror.org/03v4gjf40","country_code":"DE","type":"education","lineage":["https://openalex.org/I4577782"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Sahin Albayrak","raw_affiliation_strings":["DAI Laboratories, Berlin Institute of Technology, Berlin, Germany","DAI Laboratories, Berlin Institute of Technology, Ernst-Reuter-Platz 7, 10587 Berlin, Germany"],"affiliations":[{"raw_affiliation_string":"DAI Laboratories, Berlin Institute of Technology, Berlin, Germany","institution_ids":["https://openalex.org/I4210148503","https://openalex.org/I4577782"]},{"raw_affiliation_string":"DAI Laboratories, Berlin Institute of Technology, Ernst-Reuter-Platz 7, 10587 Berlin, Germany","institution_ids":["https://openalex.org/I4210148503","https://openalex.org/I4577782"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5062673118"],"corresponding_institution_ids":["https://openalex.org/I4210148503","https://openalex.org/I4577782"],"apc_list":null,"apc_paid":null,"fwci":3.4685,"has_fulltext":false,"cited_by_count":12,"citation_normalized_percentile":{"value":0.93835275,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":89,"max":98},"biblio":{"volume":"5141","issue":null,"first_page":"1207","last_page":"1212"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12423","display_name":"Software Reliability and Analysis Research","score":0.9976999759674072,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9973999857902527,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6999144554138184},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.6982004642486572},{"id":"https://openalex.org/keywords/risk-management","display_name":"Risk management","score":0.6817938089370728},{"id":"https://openalex.org/keywords/dependency","display_name":"Dependency (UML)","score":0.6287894248962402},{"id":"https://openalex.org/keywords/risk-analysis","display_name":"Risk analysis (engineering)","score":0.6091718077659607},{"id":"https://openalex.org/keywords/process","display_name":"Process (computing)","score":0.5893547534942627},{"id":"https://openalex.org/keywords/business-process","display_name":"Business process","score":0.5372782349586487},{"id":"https://openalex.org/keywords/asset","display_name":"Asset (computer security)","score":0.521298885345459},{"id":"https://openalex.org/keywords/vulnerability-assessment","display_name":"Vulnerability assessment","score":0.5046156644821167},{"id":"https://openalex.org/keywords/set","display_name":"Set (abstract data type)","score":0.4843900799751282},{"id":"https://openalex.org/keywords/scheme","display_name":"Scheme (mathematics)","score":0.4767744839191437},{"id":"https://openalex.org/keywords/asset-management","display_name":"Asset management","score":0.4691782295703888},{"id":"https://openalex.org/keywords/risk-assessment","display_name":"Risk assessment","score":0.4410701096057892},{"id":"https://openalex.org/keywords/risk-management-framework","display_name":"Risk management framework","score":0.44062793254852295},{"id":"https://openalex.org/keywords/process-management","display_name":"Process management","score":0.3364894390106201},{"id":"https://openalex.org/keywords/it-risk-management","display_name":"IT risk management","score":0.28739386796951294},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.224808931350708},{"id":"https://openalex.org/keywords/work-in-process","display_name":"Work in process","score":0.16716673970222473},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.1334078311920166},{"id":"https://openalex.org/keywords/engineering","display_name":"Engineering","score":0.13135701417922974},{"id":"https://openalex.org/keywords/operations-management","display_name":"Operations management","score":0.13049110770225525},{"id":"https://openalex.org/keywords/business","display_name":"Business","score":0.10834342241287231},{"id":"https://openalex.org/keywords/mathematics","display_name":"Mathematics","score":0.08426529169082642}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6999144554138184},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.6982004642486572},{"id":"https://openalex.org/C32896092","wikidata":"https://www.wikidata.org/wiki/Q189447","display_name":"Risk management","level":2,"score":0.6817938089370728},{"id":"https://openalex.org/C19768560","wikidata":"https://www.wikidata.org/wiki/Q320727","display_name":"Dependency (UML)","level":2,"score":0.6287894248962402},{"id":"https://openalex.org/C112930515","wikidata":"https://www.wikidata.org/wiki/Q4389547","display_name":"Risk analysis (engineering)","level":1,"score":0.6091718077659607},{"id":"https://openalex.org/C98045186","wikidata":"https://www.wikidata.org/wiki/Q205663","display_name":"Process (computing)","level":2,"score":0.5893547534942627},{"id":"https://openalex.org/C85345410","wikidata":"https://www.wikidata.org/wiki/Q851587","display_name":"Business process","level":3,"score":0.5372782349586487},{"id":"https://openalex.org/C76178495","wikidata":"https://www.wikidata.org/wiki/Q4808784","display_name":"Asset (computer security)","level":2,"score":0.521298885345459},{"id":"https://openalex.org/C167063184","wikidata":"https://www.wikidata.org/wiki/Q1400839","display_name":"Vulnerability assessment","level":3,"score":0.5046156644821167},{"id":"https://openalex.org/C177264268","wikidata":"https://www.wikidata.org/wiki/Q1514741","display_name":"Set (abstract data type)","level":2,"score":0.4843900799751282},{"id":"https://openalex.org/C77618280","wikidata":"https://www.wikidata.org/wiki/Q1155772","display_name":"Scheme (mathematics)","level":2,"score":0.4767744839191437},{"id":"https://openalex.org/C2776517139","wikidata":"https://www.wikidata.org/wiki/Q873442","display_name":"Asset management","level":2,"score":0.4691782295703888},{"id":"https://openalex.org/C12174686","wikidata":"https://www.wikidata.org/wiki/Q1058438","display_name":"Risk assessment","level":2,"score":0.4410701096057892},{"id":"https://openalex.org/C164403151","wikidata":"https://www.wikidata.org/wiki/Q7336280","display_name":"Risk management framework","level":4,"score":0.44062793254852295},{"id":"https://openalex.org/C195094911","wikidata":"https://www.wikidata.org/wiki/Q14167904","display_name":"Process management","level":1,"score":0.3364894390106201},{"id":"https://openalex.org/C95609273","wikidata":"https://www.wikidata.org/wiki/Q5975208","display_name":"IT risk management","level":3,"score":0.28739386796951294},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.224808931350708},{"id":"https://openalex.org/C174998907","wikidata":"https://www.wikidata.org/wiki/Q357662","display_name":"Work in process","level":2,"score":0.16716673970222473},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.1334078311920166},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.13135701417922974},{"id":"https://openalex.org/C21547014","wikidata":"https://www.wikidata.org/wiki/Q1423657","display_name":"Operations management","level":1,"score":0.13049110770225525},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.10834342241287231},{"id":"https://openalex.org/C33923547","wikidata":"https://www.wikidata.org/wiki/Q395","display_name":"Mathematics","level":0,"score":0.08426529169082642},{"id":"https://openalex.org/C542102704","wikidata":"https://www.wikidata.org/wiki/Q183257","display_name":"Psychotherapist","level":1,"score":0.0},{"id":"https://openalex.org/C15744967","wikidata":"https://www.wikidata.org/wiki/Q9418","display_name":"Psychology","level":0,"score":0.0},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.0},{"id":"https://openalex.org/C137176749","wikidata":"https://www.wikidata.org/wiki/Q4105337","display_name":"Psychological resilience","level":2,"score":0.0},{"id":"https://openalex.org/C10138342","wikidata":"https://www.wikidata.org/wiki/Q43015","display_name":"Finance","level":1,"score":0.0},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.0},{"id":"https://openalex.org/C134306372","wikidata":"https://www.wikidata.org/wiki/Q7754","display_name":"Mathematical analysis","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/isda.2010.5687022","is_oa":false,"landing_page_url":"https://doi.org/10.1109/isda.2010.5687022","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2010 10th International Conference on Intelligent Systems Design and Applications","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":14,"referenced_works":["https://openalex.org/W199783239","https://openalex.org/W1559834288","https://openalex.org/W1856750239","https://openalex.org/W1969427620","https://openalex.org/W1971632589","https://openalex.org/W1979321728","https://openalex.org/W2026286248","https://openalex.org/W2056075452","https://openalex.org/W2135898994","https://openalex.org/W2144173251","https://openalex.org/W2149289754","https://openalex.org/W2167812033","https://openalex.org/W2399975891","https://openalex.org/W6608157748"],"related_works":["https://openalex.org/W2067317451","https://openalex.org/W2154771632","https://openalex.org/W4211085505","https://openalex.org/W3122478268","https://openalex.org/W2084758217","https://openalex.org/W408804804","https://openalex.org/W4231021675","https://openalex.org/W3086365953","https://openalex.org/W4226072953","https://openalex.org/W2392606101"],"abstract_inverted_index":{"In":[0],"this":[1],"paper,":[2],"we":[3,41],"introduce":[4],"a":[5,18,32,51,86,101],"new":[6],"scheme":[7],"for":[8,79],"performing":[9],"IT":[10,47,58,70],"Risk":[11],"Management":[12],"within":[13],"organizational":[14],"domains.":[15],"It":[16],"adopts":[17],"business":[19,43],"process-oriented":[20],"view":[21],"which":[22],"integrates":[23],"risk":[24,29,66,108],"assessment,":[25],"vulnerability":[26,60],"assessment":[27],"and":[28,54,61,104],"mitigation":[30,83,90],"into":[31,39],"quantitative":[33,82],"framework.":[34],"Taking":[35],"the":[36,69,94],"asset":[37],"dependencies":[38],"account,":[40],"map":[42],"process":[44,97],"values":[45],"to":[46,64],"hardware":[48,71],"components":[49],"in":[50],"hierarchical":[52],"fashion":[53],"combine":[55],"it":[56],"with":[57],"system":[59,72],"threat":[62],"analysis":[63],"derive":[65],"scores":[67],"on":[68],"level.":[73],"We":[74,92],"then":[75],"apply":[76],"discrete-time":[77],"algorithms":[78],"computing":[80],"cost-optimal":[81],"strategies":[84],"given":[85],"set":[87],"of":[88,100],"available":[89],"actions.":[91],"illustrate":[93],"entire":[95],"integrated":[96],"by":[98],"means":[99],"case":[102],"study":[103],"show":[105],"that":[106],"considerable":[107],"reduction":[109],"can":[110],"be":[111],"achieved.":[112]},"counts_by_year":[{"year":2023,"cited_by_count":1},{"year":2022,"cited_by_count":1},{"year":2021,"cited_by_count":3},{"year":2018,"cited_by_count":1},{"year":2015,"cited_by_count":1},{"year":2012,"cited_by_count":4}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}