{"id":"https://openalex.org/W2625121737","doi":"https://doi.org/10.1109/mitp.2018.011291353","title":"Improving Transparency and Efficiency in IT Security Management Resourcing","display_name":"Improving Transparency and Efficiency in IT Security Management Resourcing","publication_year":2018,"publication_date":"2018-01-01","ids":{"openalex":"https://openalex.org/W2625121737","doi":"https://doi.org/10.1109/mitp.2018.011291353","mag":"2625121737"},"language":"en","primary_location":{"id":"doi:10.1109/mitp.2018.011291353","is_oa":false,"landing_page_url":"https://doi.org/10.1109/mitp.2018.011291353","pdf_url":null,"source":{"id":"https://openalex.org/S86192639","display_name":"IT Professional","issn_l":"1520-9202","issn":["1520-9202","1941-045X"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320439","host_organization_name":"IEEE Computer Society","host_organization_lineage":["https://openalex.org/P4310320439","https://openalex.org/P4310319808"],"host_organization_lineage_names":["IEEE Computer Society","Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IT Professional","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5051192413","display_name":"Knut Haufe","orcid":"https://orcid.org/0000-0002-6019-2476"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Knut Haufe","raw_affiliation_strings":["PwC Cybersecurity Services"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"PwC Cybersecurity Services","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5052970421","display_name":"Srdan Dzombeta","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Srdan Dzombeta","raw_affiliation_strings":["PwC Cybersecurity Services"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"PwC Cybersecurity Services","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5049973269","display_name":"Knud Brandis","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Knud Brandis","raw_affiliation_strings":["PwC Cybersecurity Services"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"PwC Cybersecurity Services","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5048631742","display_name":"Vladimir Stantchev","orcid":"https://orcid.org/0000-0002-1551-419X"},"institutions":[{"id":"https://openalex.org/I249157770","display_name":"SRH University Berlin","ror":"https://ror.org/01prjcc04","country_code":"DE","type":"education","lineage":["https://openalex.org/I249157770"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Vladimir Stantchev","raw_affiliation_strings":["SRH University Berlin","SRH University, Berlin"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"SRH University Berlin","institution_ids":["https://openalex.org/I249157770"]},{"raw_affiliation_string":"SRH University, Berlin","institution_ids":["https://openalex.org/I249157770"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5038626586","display_name":"Ricardo Colomo\u2010Palacios","orcid":"https://orcid.org/0000-0002-1555-9726"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Ricardo Colomo-Palacios","raw_affiliation_strings":["&#xD8;stfold University College"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"&#xD8;stfold University College","institution_ids":[]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":5,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":0.8226,"has_fulltext":false,"cited_by_count":3,"citation_normalized_percentile":{"value":0.79873153,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":94,"max":98},"biblio":{"volume":"20","issue":"1","first_page":"53","last_page":"62"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11614","display_name":"Cloud Data Security Solutions","score":0.9984999895095825,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11614","display_name":"Cloud Data Security Solutions","score":0.9984999895095825,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.998199999332428,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10679","display_name":"Service-Oriented Architecture and Web Services","score":0.9962999820709229,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/transparency","display_name":"Transparency (behavior)","score":0.691234827041626},{"id":"https://openalex.org/keywords/information-security-management","display_name":"Information security management","score":0.6391465663909912},{"id":"https://openalex.org/keywords/itil-security-management","display_name":"ITIL security management","score":0.600033164024353},{"id":"https://openalex.org/keywords/information-security-management-system","display_name":"Information security management system","score":0.5731005668640137},{"id":"https://openalex.org/keywords/process-management","display_name":"Process management","score":0.542428731918335},{"id":"https://openalex.org/keywords/information-security","display_name":"Information security","score":0.528426468372345},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.5179364085197449},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.49230706691741943},{"id":"https://openalex.org/keywords/process","display_name":"Process (computing)","score":0.46019887924194336},{"id":"https://openalex.org/keywords/security-management","display_name":"Security management","score":0.4527556598186493},{"id":"https://openalex.org/keywords/plan","display_name":"Plan (archaeology)","score":0.4158136248588562},{"id":"https://openalex.org/keywords/business","display_name":"Business","score":0.4143361449241638},{"id":"https://openalex.org/keywords/security-information-and-event-management","display_name":"Security information and event management","score":0.38857588171958923},{"id":"https://openalex.org/keywords/knowledge-management","display_name":"Knowledge management","score":0.3739111125469208},{"id":"https://openalex.org/keywords/risk-analysis","display_name":"Risk analysis (engineering)","score":0.367546021938324},{"id":"https://openalex.org/keywords/cloud-computing-security","display_name":"Cloud computing security","score":0.30080413818359375},{"id":"https://openalex.org/keywords/security-service","display_name":"Security service","score":0.2997001111507416},{"id":"https://openalex.org/keywords/cloud-computing","display_name":"Cloud computing","score":0.22244173288345337},{"id":"https://openalex.org/keywords/network-security-policy","display_name":"Network security policy","score":0.14191675186157227}],"concepts":[{"id":"https://openalex.org/C2780233690","wikidata":"https://www.wikidata.org/wiki/Q535347","display_name":"Transparency (behavior)","level":2,"score":0.691234827041626},{"id":"https://openalex.org/C148976360","wikidata":"https://www.wikidata.org/wiki/Q1662500","display_name":"Information security management","level":5,"score":0.6391465663909912},{"id":"https://openalex.org/C114351632","wikidata":"https://www.wikidata.org/wiki/Q5974820","display_name":"ITIL security management","level":5,"score":0.600033164024353},{"id":"https://openalex.org/C111153917","wikidata":"https://www.wikidata.org/wiki/Q1662500","display_name":"Information security management system","level":5,"score":0.5731005668640137},{"id":"https://openalex.org/C195094911","wikidata":"https://www.wikidata.org/wiki/Q14167904","display_name":"Process management","level":1,"score":0.542428731918335},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.528426468372345},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.5179364085197449},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.49230706691741943},{"id":"https://openalex.org/C98045186","wikidata":"https://www.wikidata.org/wiki/Q205663","display_name":"Process (computing)","level":2,"score":0.46019887924194336},{"id":"https://openalex.org/C83163435","wikidata":"https://www.wikidata.org/wiki/Q3954104","display_name":"Security management","level":2,"score":0.4527556598186493},{"id":"https://openalex.org/C2776505523","wikidata":"https://www.wikidata.org/wiki/Q4785468","display_name":"Plan (archaeology)","level":2,"score":0.4158136248588562},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.4143361449241638},{"id":"https://openalex.org/C103377522","wikidata":"https://www.wikidata.org/wiki/Q3493999","display_name":"Security information and event management","level":4,"score":0.38857588171958923},{"id":"https://openalex.org/C56739046","wikidata":"https://www.wikidata.org/wiki/Q192060","display_name":"Knowledge management","level":1,"score":0.3739111125469208},{"id":"https://openalex.org/C112930515","wikidata":"https://www.wikidata.org/wiki/Q4389547","display_name":"Risk analysis (engineering)","level":1,"score":0.367546021938324},{"id":"https://openalex.org/C184842701","wikidata":"https://www.wikidata.org/wiki/Q370563","display_name":"Cloud computing security","level":3,"score":0.30080413818359375},{"id":"https://openalex.org/C29983905","wikidata":"https://www.wikidata.org/wiki/Q7445066","display_name":"Security service","level":3,"score":0.2997001111507416},{"id":"https://openalex.org/C79974875","wikidata":"https://www.wikidata.org/wiki/Q483639","display_name":"Cloud computing","level":2,"score":0.22244173288345337},{"id":"https://openalex.org/C117110713","wikidata":"https://www.wikidata.org/wiki/Q3394676","display_name":"Network security policy","level":4,"score":0.14191675186157227},{"id":"https://openalex.org/C95457728","wikidata":"https://www.wikidata.org/wiki/Q309","display_name":"History","level":0,"score":0.0},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.0},{"id":"https://openalex.org/C166957645","wikidata":"https://www.wikidata.org/wiki/Q23498","display_name":"Archaeology","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/mitp.2018.011291353","is_oa":false,"landing_page_url":"https://doi.org/10.1109/mitp.2018.011291353","pdf_url":null,"source":{"id":"https://openalex.org/S86192639","display_name":"IT Professional","issn_l":"1520-9202","issn":["1520-9202","1941-045X"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320439","host_organization_name":"IEEE Computer Society","host_organization_lineage":["https://openalex.org/P4310320439","https://openalex.org/P4310319808"],"host_organization_lineage_names":["IEEE Computer Society","Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IT Professional","raw_type":"journal-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":21,"referenced_works":["https://openalex.org/W106875263","https://openalex.org/W150069990","https://openalex.org/W605896711","https://openalex.org/W785345151","https://openalex.org/W806739960","https://openalex.org/W1592063330","https://openalex.org/W1930966290","https://openalex.org/W2002601188","https://openalex.org/W2007515719","https://openalex.org/W2019488433","https://openalex.org/W2052016344","https://openalex.org/W2065119831","https://openalex.org/W2093850357","https://openalex.org/W2107954152","https://openalex.org/W2119716788","https://openalex.org/W4232968179","https://openalex.org/W6606042958","https://openalex.org/W6622866041","https://openalex.org/W6655170056","https://openalex.org/W6676612306","https://openalex.org/W7019968700"],"related_works":["https://openalex.org/W1573253764","https://openalex.org/W2483557577","https://openalex.org/W4256374004","https://openalex.org/W2056794087","https://openalex.org/W2546952811","https://openalex.org/W4310892428","https://openalex.org/W2120971814","https://openalex.org/W2725942972","https://openalex.org/W2362334938","https://openalex.org/W2037111858"],"abstract_inverted_index":{"The":[0,21],"authors":[1],"propose":[2],"a":[3],"resource":[4],"management":[5,10],"process":[6,22],"for":[7],"information":[8],"security":[9],"systems":[11],"to":[12],"more":[13],"transparently":[14],"plan":[15],"and":[16,25,36],"assign":[17],"costs":[18],"of":[19,31,44],"controls.":[20],"relies":[23],"on":[24],"is":[26],"compliant":[27],"with":[28],"international":[29],"standards":[30],"the":[32],"ISO/IEC":[33],"27000":[34],"family":[35],"can":[37],"be":[38],"implemented":[39],"by":[40],"all":[41],"organizations":[42],"regardless":[43],"type,":[45],"size,":[46],"or":[47],"nature.":[48]},"counts_by_year":[{"year":2026,"cited_by_count":1},{"year":2018,"cited_by_count":2}],"updated_date":"2026-06-11T09:08:48.828518","created_date":"2025-10-10T00:00:00"}
