{"id":"https://openalex.org/W2012881559","doi":"https://doi.org/10.15439/2014f77","title":"A Comparison between Business Process Management and Information Security Management","display_name":"A Comparison between Business Process Management and Information Security Management","publication_year":2014,"publication_date":"2014-09-29","ids":{"openalex":"https://openalex.org/W2012881559","doi":"https://doi.org/10.15439/2014f77","mag":"2012881559"},"language":"en","primary_location":{"id":"doi:10.15439/2014f77","is_oa":true,"landing_page_url":"https://doi.org/10.15439/2014f77","pdf_url":null,"source":{"id":"https://openalex.org/S4220651875","display_name":"Annals of Computer Science and Information Systems","issn_l":"2300-5963","issn":["2300-5963"],"is_oa":true,"is_in_doaj":true,"is_core":false,"host_organization":"https://openalex.org/P4310317484","host_organization_name":"Polskie Towarzystwo Informatyczne","host_organization_lineage":["https://openalex.org/P4310317484"],"host_organization_lineage_names":["Polskie Towarzystwo Informatyczne"],"type":"conference"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Annals of Computer Science and Information Systems","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"diamond","oa_url":"https://doi.org/10.15439/2014f77","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5030395548","display_name":"Gaute Wangen","orcid":"https://orcid.org/0000-0002-3861-6746"},"institutions":[],"countries":[],"is_corresponding":true,"raw_author_name":"Gaute Wangen","raw_affiliation_strings":["Norwegian Information Security Laboratory, Gjovik University College, Teknologiveien 22, 2802, Norway"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Norwegian Information Security Laboratory, Gjovik University College, Teknologiveien 22, 2802, Norway","institution_ids":[]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5007276490","display_name":"Einar Snekkenes","orcid":"https://orcid.org/0000-0002-2277-6964"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Einar Arthur Snekkenes","raw_affiliation_strings":["Norwegian Information Security Laboratory, Gjovik University College, Teknologiveien 22, 2802, Norway"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Norwegian Information Security Laboratory, Gjovik University College, Teknologiveien 22, 2802, Norway","institution_ids":[]}]}],"institutions":[],"countries_distinct_count":0,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5030395548"],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":7.7695,"has_fulltext":false,"cited_by_count":12,"citation_normalized_percentile":{"value":0.97876858,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":90,"max":97},"biblio":{"volume":"2","issue":null,"first_page":"901","last_page":"910"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10703","display_name":"Business Process Modeling and Analysis","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1404","display_name":"Management Information Systems"},"field":{"id":"https://openalex.org/fields/14","display_name":"Business, Management and Accounting"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},"topics":[{"id":"https://openalex.org/T10703","display_name":"Business Process Modeling and Analysis","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1404","display_name":"Management Information Systems"},"field":{"id":"https://openalex.org/fields/14","display_name":"Business, Management and Accounting"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},{"id":"https://openalex.org/T11572","display_name":"Information Technology Governance and Strategy","score":0.996999979019165,"subfield":{"id":"https://openalex.org/subfields/1404","display_name":"Management Information Systems"},"field":{"id":"https://openalex.org/fields/14","display_name":"Business, Management and Accounting"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},{"id":"https://openalex.org/T10679","display_name":"Service-Oriented Architecture and Web Services","score":0.9957000017166138,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/business-process-management","display_name":"Business process management","score":0.5698080062866211},{"id":"https://openalex.org/keywords/process-management","display_name":"Process management","score":0.5632629990577698},{"id":"https://openalex.org/keywords/information-security-management","display_name":"Information security management","score":0.5369076728820801},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.5248211026191711},{"id":"https://openalex.org/keywords/information-management","display_name":"Information management","score":0.4853717088699341},{"id":"https://openalex.org/keywords/business-process","display_name":"Business process","score":0.4583529829978943},{"id":"https://openalex.org/keywords/process","display_name":"Process (computing)","score":0.44971784949302673},{"id":"https://openalex.org/keywords/information-security","display_name":"Information security","score":0.4432523250579834},{"id":"https://openalex.org/keywords/business","display_name":"Business","score":0.4216250777244568},{"id":"https://openalex.org/keywords/knowledge-management","display_name":"Knowledge management","score":0.38108527660369873},{"id":"https://openalex.org/keywords/security-information-and-event-management","display_name":"Security information and event management","score":0.3571128845214844},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.3242514729499817},{"id":"https://openalex.org/keywords/work-in-process","display_name":"Work in process","score":0.16964110732078552},{"id":"https://openalex.org/keywords/cloud-computing-security","display_name":"Cloud computing security","score":0.12433317303657532},{"id":"https://openalex.org/keywords/cloud-computing","display_name":"Cloud computing","score":0.06627705693244934},{"id":"https://openalex.org/keywords/marketing","display_name":"Marketing","score":0.06301924586296082}],"concepts":[{"id":"https://openalex.org/C80309976","wikidata":"https://www.wikidata.org/wiki/Q7007379","display_name":"Business process management","level":4,"score":0.5698080062866211},{"id":"https://openalex.org/C195094911","wikidata":"https://www.wikidata.org/wiki/Q14167904","display_name":"Process management","level":1,"score":0.5632629990577698},{"id":"https://openalex.org/C148976360","wikidata":"https://www.wikidata.org/wiki/Q1662500","display_name":"Information security management","level":5,"score":0.5369076728820801},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.5248211026191711},{"id":"https://openalex.org/C128487930","wikidata":"https://www.wikidata.org/wiki/Q579488","display_name":"Information management","level":2,"score":0.4853717088699341},{"id":"https://openalex.org/C85345410","wikidata":"https://www.wikidata.org/wiki/Q851587","display_name":"Business process","level":3,"score":0.4583529829978943},{"id":"https://openalex.org/C98045186","wikidata":"https://www.wikidata.org/wiki/Q205663","display_name":"Process (computing)","level":2,"score":0.44971784949302673},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.4432523250579834},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.4216250777244568},{"id":"https://openalex.org/C56739046","wikidata":"https://www.wikidata.org/wiki/Q192060","display_name":"Knowledge management","level":1,"score":0.38108527660369873},{"id":"https://openalex.org/C103377522","wikidata":"https://www.wikidata.org/wiki/Q3493999","display_name":"Security information and event management","level":4,"score":0.3571128845214844},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.3242514729499817},{"id":"https://openalex.org/C174998907","wikidata":"https://www.wikidata.org/wiki/Q357662","display_name":"Work in process","level":2,"score":0.16964110732078552},{"id":"https://openalex.org/C184842701","wikidata":"https://www.wikidata.org/wiki/Q370563","display_name":"Cloud computing security","level":3,"score":0.12433317303657532},{"id":"https://openalex.org/C79974875","wikidata":"https://www.wikidata.org/wiki/Q483639","display_name":"Cloud computing","level":2,"score":0.06627705693244934},{"id":"https://openalex.org/C162853370","wikidata":"https://www.wikidata.org/wiki/Q39809","display_name":"Marketing","level":1,"score":0.06301924586296082},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.0}],"mesh":[],"locations_count":4,"locations":[{"id":"doi:10.15439/2014f77","is_oa":true,"landing_page_url":"https://doi.org/10.15439/2014f77","pdf_url":null,"source":{"id":"https://openalex.org/S4220651875","display_name":"Annals of Computer Science and Information Systems","issn_l":"2300-5963","issn":["2300-5963"],"is_oa":true,"is_in_doaj":true,"is_core":false,"host_organization":"https://openalex.org/P4310317484","host_organization_name":"Polskie Towarzystwo Informatyczne","host_organization_lineage":["https://openalex.org/P4310317484"],"host_organization_lineage_names":["Polskie Towarzystwo Informatyczne"],"type":"conference"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Annals of Computer Science and Information Systems","raw_type":"proceedings-article"},{"id":"pmh:oai:CiteSeerX.psu:10.1.1.658.6665","is_oa":false,"landing_page_url":"http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.658.6665","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"https://fedcsis.org/proceedings/2014/pliks/77.pdf","raw_type":"text"},{"id":"pmh:oai:brage.bibsys.no:11250/2483957","is_oa":true,"landing_page_url":"http://hdl.handle.net/11250/2483957","pdf_url":null,"source":{"id":"https://openalex.org/S4306401716","display_name":"Duo Research Archive (University of Oslo)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I184942183","host_organization_name":"University of Oslo","host_organization_lineage":["https://openalex.org/I184942183"],"host_organization_lineage_names":[],"type":"repository"},"license":"other-oa","license_id":"https://openalex.org/licenses/other-oa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"901-910","raw_type":"info:eu-repo/semantics/bookPart"},{"id":"pmh:oai:doaj.org/article:4385e8a96f9d4c8b9ea3417e5513ee3c","is_oa":false,"landing_page_url":"https://doaj.org/article/4385e8a96f9d4c8b9ea3417e5513ee3c","pdf_url":null,"source":{"id":"https://openalex.org/S4306401280","display_name":"DOAJ (DOAJ: Directory of Open Access Journals)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Annals of computer science and information systems, Vol 2, Pp 901-910 (2014)","raw_type":"article"}],"best_oa_location":{"id":"doi:10.15439/2014f77","is_oa":true,"landing_page_url":"https://doi.org/10.15439/2014f77","pdf_url":null,"source":{"id":"https://openalex.org/S4220651875","display_name":"Annals of Computer Science and Information Systems","issn_l":"2300-5963","issn":["2300-5963"],"is_oa":true,"is_in_doaj":true,"is_core":false,"host_organization":"https://openalex.org/P4310317484","host_organization_name":"Polskie Towarzystwo Informatyczne","host_organization_lineage":["https://openalex.org/P4310317484"],"host_organization_lineage_names":["Polskie Towarzystwo Informatyczne"],"type":"conference"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Annals of Computer Science and Information Systems","raw_type":"proceedings-article"},"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":28,"referenced_works":["https://openalex.org/W11496900","https://openalex.org/W32063464","https://openalex.org/W112401318","https://openalex.org/W138279421","https://openalex.org/W1529640346","https://openalex.org/W1586642858","https://openalex.org/W1920174396","https://openalex.org/W1977408442","https://openalex.org/W2020916311","https://openalex.org/W2039648693","https://openalex.org/W2074072207","https://openalex.org/W2076664845","https://openalex.org/W2091494072","https://openalex.org/W2094608307","https://openalex.org/W2104740883","https://openalex.org/W2111196356","https://openalex.org/W2123327789","https://openalex.org/W2136769082","https://openalex.org/W2144015498","https://openalex.org/W2151164148","https://openalex.org/W2152216308","https://openalex.org/W2164464887","https://openalex.org/W2271030190","https://openalex.org/W2314501994","https://openalex.org/W2556241371","https://openalex.org/W2622974182","https://openalex.org/W2758982613","https://openalex.org/W2787816013"],"related_works":["https://openalex.org/W2356973015","https://openalex.org/W2964588687","https://openalex.org/W147109933","https://openalex.org/W64368977","https://openalex.org/W2356121836","https://openalex.org/W763622638","https://openalex.org/W2009076256","https://openalex.org/W2100127921","https://openalex.org/W3202763874","https://openalex.org/W2398260073"],"abstract_inverted_index":{"Abstract\u2014Information":[0],"Security":[1,67],"Standards":[2],"such":[3],"as":[4,22],"NIST":[5],"SP":[6],"800-39":[7],"and":[8,58,65,70,74,100,121],"ISO/IEC":[9],"27005:2011":[10],"are":[11],"turning":[12],"their":[13],"scope":[14],"towards":[15],"business":[16,36,42],"process":[17,37,43],"security.":[18],"And":[19],"rightly":[20],"so,":[21],"introducing":[23],"an":[24],"infor-mation":[25],"security":[26,48],"control":[27],"into":[28],"a":[29,41,112],"business-processing":[30],"environment":[31],"is":[32,111],"likely":[33],"to":[34,133],"affect":[35],"flow,":[38],"while":[39],"redesigning":[40],"will":[44],"most":[45],"certainly":[46],"have":[47,143],"implications.":[49],"Hence,":[50],"in":[51,115,147],"this":[52],"paper,":[53],"we":[54],"investigate":[55],"the":[56,72,78,106,116,134,140],"similarities":[57],"differences":[59],"between":[60],"Business":[61],"Process":[62],"Management":[63,68],"(BPM)":[64],"Information":[66],"(ISM),":[69],"explore":[71],"obstacles":[73],"opportunities":[75],"for":[76,88],"integrating":[77],"two":[79],"concepts.":[80],"We":[81],"compare":[82],"three":[83],"levels":[84],"of":[85,123,139],"abstraction":[86],"common":[87],"both":[89,124],"approaches;":[90],"top-level":[91],"implementa-tion":[92],"strategies,":[93,118],"organizational":[94,119],"risk":[95],"views":[96,120],"&amp;amp;":[97],"associated":[98],"tasks,":[99],"domains.":[101],"With":[102],"some":[103,138],"minor":[104],"differences,":[105],"comparisons":[107],"shows":[108,129],"that":[109,130],"there":[110],"strong":[113],"similarity":[114],"implementation":[117],"tasks":[122],"methods.":[125],"The":[126],"domain":[127],"comparison":[128],"ISM":[131],"maps":[132],"BPM":[135,141],"domains;":[136],"however,":[137],"domains":[142],"only":[144],"limited":[145],"support":[146],"ISM.":[148]},"counts_by_year":[{"year":2024,"cited_by_count":2},{"year":2022,"cited_by_count":1},{"year":2019,"cited_by_count":1},{"year":2017,"cited_by_count":2},{"year":2016,"cited_by_count":3},{"year":2015,"cited_by_count":3}],"updated_date":"2026-05-06T08:25:59.206177","created_date":"2025-10-10T00:00:00"}