{"id":"https://openalex.org/W2526903273","doi":"https://doi.org/10.15439/2016f158","title":"An initial insight into Information Security Risk Assessment practices","display_name":"An initial insight into Information Security Risk Assessment practices","publication_year":2016,"publication_date":"2016-10-02","ids":{"openalex":"https://openalex.org/W2526903273","doi":"https://doi.org/10.15439/2016f158","mag":"2526903273"},"language":"en","primary_location":{"id":"doi:10.15439/2016f158","is_oa":true,"landing_page_url":"https://doi.org/10.15439/2016f158","pdf_url":"https://annals-csis.org/proceedings/2016/pliks/158.pdf","source":{"id":"https://openalex.org/S4220651875","display_name":"Annals of Computer Science and Information Systems","issn_l":"2300-5963","issn":["2300-5963"],"is_oa":true,"is_in_doaj":true,"is_core":false,"host_organization":"https://openalex.org/P4310317484","host_organization_name":"Polskie Towarzystwo Informatyczne","host_organization_lineage":["https://openalex.org/P4310317484"],"host_organization_lineage_names":["Polskie Towarzystwo Informatyczne"],"type":"conference"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Annals of Computer Science and Information Systems","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"diamond","oa_url":"https://annals-csis.org/proceedings/2016/pliks/158.pdf","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5030395548","display_name":"Gaute Wangen","orcid":"https://orcid.org/0000-0002-3861-6746"},"institutions":[{"id":"https://openalex.org/I4210127026","display_name":"Ko-Aks (Norway)","ror":"https://ror.org/036jhyh48","country_code":"NO","type":"company","lineage":["https://openalex.org/I4210127026"]}],"countries":["NO"],"is_corresponding":true,"raw_author_name":"Gaute Wangen","raw_affiliation_strings":["NISLab and CCIS, NTNU Gjovik Teknologiveien 22, 2802 Gjovik, Norway"],"affiliations":[{"raw_affiliation_string":"NISLab and CCIS, NTNU Gjovik Teknologiveien 22, 2802 Gjovik, Norway","institution_ids":["https://openalex.org/I4210127026"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":1,"corresponding_author_ids":["https://openalex.org/A5030395548"],"corresponding_institution_ids":["https://openalex.org/I4210127026"],"apc_list":null,"apc_paid":null,"fwci":0.9438,"has_fulltext":true,"cited_by_count":7,"citation_normalized_percentile":{"value":0.8009165,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":97},"biblio":{"volume":"8","issue":null,"first_page":"999","last_page":"1008"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12519","display_name":"Cybercrime and Law Enforcement Studies","score":0.9887999892234802,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9836000204086304,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/information-security","display_name":"Information security","score":0.6895449161529541},{"id":"https://openalex.org/keywords/knowledge-management","display_name":"Knowledge management","score":0.5550308227539062},{"id":"https://openalex.org/keywords/risk-management","display_name":"Risk management","score":0.5351933240890503},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.5056052207946777},{"id":"https://openalex.org/keywords/key","display_name":"Key (lock)","score":0.4859865605831146},{"id":"https://openalex.org/keywords/field","display_name":"Field (mathematics)","score":0.4651525914669037},{"id":"https://openalex.org/keywords/work","display_name":"Work (physics)","score":0.46190008521080017},{"id":"https://openalex.org/keywords/information-assurance","display_name":"Information assurance","score":0.45863473415374756},{"id":"https://openalex.org/keywords/incentive","display_name":"Incentive","score":0.4551118016242981},{"id":"https://openalex.org/keywords/risk-assessment","display_name":"Risk assessment","score":0.43558451533317566},{"id":"https://openalex.org/keywords/information-systems-security","display_name":"Information systems security","score":0.4241909384727478},{"id":"https://openalex.org/keywords/risk-analysis","display_name":"Risk analysis (engineering)","score":0.38787442445755005},{"id":"https://openalex.org/keywords/data-science","display_name":"Data science","score":0.34907692670822144},{"id":"https://openalex.org/keywords/information-system","display_name":"Information system","score":0.3485219478607178},{"id":"https://openalex.org/keywords/management-information-systems","display_name":"Management information systems","score":0.21336260437965393},{"id":"https://openalex.org/keywords/business","display_name":"Business","score":0.20165088772773743},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.1944272518157959},{"id":"https://openalex.org/keywords/engineering","display_name":"Engineering","score":0.19131335616111755}],"concepts":[{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.6895449161529541},{"id":"https://openalex.org/C56739046","wikidata":"https://www.wikidata.org/wiki/Q192060","display_name":"Knowledge management","level":1,"score":0.5550308227539062},{"id":"https://openalex.org/C32896092","wikidata":"https://www.wikidata.org/wiki/Q189447","display_name":"Risk management","level":2,"score":0.5351933240890503},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.5056052207946777},{"id":"https://openalex.org/C26517878","wikidata":"https://www.wikidata.org/wiki/Q228039","display_name":"Key (lock)","level":2,"score":0.4859865605831146},{"id":"https://openalex.org/C9652623","wikidata":"https://www.wikidata.org/wiki/Q190109","display_name":"Field (mathematics)","level":2,"score":0.4651525914669037},{"id":"https://openalex.org/C18762648","wikidata":"https://www.wikidata.org/wiki/Q42213","display_name":"Work (physics)","level":2,"score":0.46190008521080017},{"id":"https://openalex.org/C2780795517","wikidata":"https://www.wikidata.org/wiki/Q6030997","display_name":"Information assurance","level":3,"score":0.45863473415374756},{"id":"https://openalex.org/C29122968","wikidata":"https://www.wikidata.org/wiki/Q1414816","display_name":"Incentive","level":2,"score":0.4551118016242981},{"id":"https://openalex.org/C12174686","wikidata":"https://www.wikidata.org/wiki/Q1058438","display_name":"Risk assessment","level":2,"score":0.43558451533317566},{"id":"https://openalex.org/C2988319471","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information systems security","level":4,"score":0.4241909384727478},{"id":"https://openalex.org/C112930515","wikidata":"https://www.wikidata.org/wiki/Q4389547","display_name":"Risk analysis (engineering)","level":1,"score":0.38787442445755005},{"id":"https://openalex.org/C2522767166","wikidata":"https://www.wikidata.org/wiki/Q2374463","display_name":"Data science","level":1,"score":0.34907692670822144},{"id":"https://openalex.org/C180198813","wikidata":"https://www.wikidata.org/wiki/Q121182","display_name":"Information system","level":2,"score":0.3485219478607178},{"id":"https://openalex.org/C29848774","wikidata":"https://www.wikidata.org/wiki/Q61905","display_name":"Management information systems","level":3,"score":0.21336260437965393},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.20165088772773743},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.1944272518157959},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.19131335616111755},{"id":"https://openalex.org/C119599485","wikidata":"https://www.wikidata.org/wiki/Q43035","display_name":"Electrical engineering","level":1,"score":0.0},{"id":"https://openalex.org/C33923547","wikidata":"https://www.wikidata.org/wiki/Q395","display_name":"Mathematics","level":0,"score":0.0},{"id":"https://openalex.org/C202444582","wikidata":"https://www.wikidata.org/wiki/Q837863","display_name":"Pure mathematics","level":1,"score":0.0},{"id":"https://openalex.org/C175444787","wikidata":"https://www.wikidata.org/wiki/Q39072","display_name":"Microeconomics","level":1,"score":0.0},{"id":"https://openalex.org/C162324750","wikidata":"https://www.wikidata.org/wiki/Q8134","display_name":"Economics","level":0,"score":0.0},{"id":"https://openalex.org/C10138342","wikidata":"https://www.wikidata.org/wiki/Q43015","display_name":"Finance","level":1,"score":0.0},{"id":"https://openalex.org/C78519656","wikidata":"https://www.wikidata.org/wiki/Q101333","display_name":"Mechanical engineering","level":1,"score":0.0}],"mesh":[],"locations_count":3,"locations":[{"id":"doi:10.15439/2016f158","is_oa":true,"landing_page_url":"https://doi.org/10.15439/2016f158","pdf_url":"https://annals-csis.org/proceedings/2016/pliks/158.pdf","source":{"id":"https://openalex.org/S4220651875","display_name":"Annals of Computer Science and Information Systems","issn_l":"2300-5963","issn":["2300-5963"],"is_oa":true,"is_in_doaj":true,"is_core":false,"host_organization":"https://openalex.org/P4310317484","host_organization_name":"Polskie Towarzystwo Informatyczne","host_organization_lineage":["https://openalex.org/P4310317484"],"host_organization_lineage_names":["Polskie Towarzystwo Informatyczne"],"type":"conference"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Annals of Computer Science and Information Systems","raw_type":"proceedings-article"},{"id":"pmh:oai:brage.bibsys.no:11250/2484060","is_oa":true,"landing_page_url":"http://hdl.handle.net/11250/2484060","pdf_url":null,"source":{"id":"https://openalex.org/S4306401716","display_name":"Duo Research Archive (University of Oslo)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I184942183","host_organization_name":"University of Oslo","host_organization_lineage":["https://openalex.org/I184942183"],"host_organization_lineage_names":[],"type":"repository"},"license":"other-oa","license_id":"https://openalex.org/licenses/other-oa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"999-1008","raw_type":"info:eu-repo/semantics/bookPart"},{"id":"pmh:oai:doaj.org/article:75d53544c5424094965ace9236879235","is_oa":true,"landing_page_url":"https://doaj.org/article/75d53544c5424094965ace9236879235","pdf_url":null,"source":{"id":"https://openalex.org/S112646816","display_name":"SHILAP Revista de lepidopterolog\u00eda","issn_l":"0300-5267","issn":["0300-5267","2340-4078"],"is_oa":true,"is_in_doaj":true,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":"cc-by-sa","license_id":"https://openalex.org/licenses/cc-by-sa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Annals of computer science and information systems, Vol 8, Pp 999-1008 (2016)","raw_type":"article"}],"best_oa_location":{"id":"doi:10.15439/2016f158","is_oa":true,"landing_page_url":"https://doi.org/10.15439/2016f158","pdf_url":"https://annals-csis.org/proceedings/2016/pliks/158.pdf","source":{"id":"https://openalex.org/S4220651875","display_name":"Annals of Computer Science and Information Systems","issn_l":"2300-5963","issn":["2300-5963"],"is_oa":true,"is_in_doaj":true,"is_core":false,"host_organization":"https://openalex.org/P4310317484","host_organization_name":"Polskie Towarzystwo Informatyczne","host_organization_lineage":["https://openalex.org/P4310317484"],"host_organization_lineage_names":["Polskie Towarzystwo Informatyczne"],"type":"conference"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Annals of Computer Science and Information Systems","raw_type":"proceedings-article"},"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":true,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W2526903273.pdf","grobid_xml":"https://content.openalex.org/works/W2526903273.grobid-xml"},"referenced_works_count":20,"referenced_works":["https://openalex.org/W1516922439","https://openalex.org/W1567774672","https://openalex.org/W1991623719","https://openalex.org/W1994621643","https://openalex.org/W2033450431","https://openalex.org/W2062830664","https://openalex.org/W2064553186","https://openalex.org/W2069700160","https://openalex.org/W2091494072","https://openalex.org/W2093217276","https://openalex.org/W2099775215","https://openalex.org/W2560680336","https://openalex.org/W2787816013","https://openalex.org/W3124896223","https://openalex.org/W4232954129","https://openalex.org/W4247822198","https://openalex.org/W4250074889","https://openalex.org/W4253388879","https://openalex.org/W4254434816","https://openalex.org/W6685273911"],"related_works":["https://openalex.org/W2140998642","https://openalex.org/W3041075136","https://openalex.org/W2064443904","https://openalex.org/W2285205992","https://openalex.org/W1761928473","https://openalex.org/W2066272013","https://openalex.org/W2488601579","https://openalex.org/W2280699381","https://openalex.org/W3006961029","https://openalex.org/W2480445825"],"abstract_inverted_index":{"Much":[0],"of":[1,20,57,86,126,138],"the":[2,14,18,42,47,55,87,91,124,139,145],"debate":[3],"surrounding":[4],"risk":[5,44,49,116],"management":[6],"in":[7,68,153],"information":[8],"security":[9],"(InfoSec)":[10],"has":[11],"been":[12],"at":[13,100],"academic":[15],"level,":[16],"where":[17,61],"question":[19],"how":[21,41,96],"practitioners":[22],"view":[23],"predominant":[24],"issues":[25,67,122],"is":[26,93],"an":[27,37,106],"essential":[28],"element":[29],"often":[30],"left":[31],"unexplored.":[32],"Thus,":[33],"this":[34],"article":[35],"represents":[36],"initial":[38],"insight":[39,107],"into":[40,108],"InfoSec":[43,48,154],"professionals":[45],"see":[46],"assessment":[50],"(ISRA)":[51],"field.":[52],"We":[53],"present":[54],"results":[56],"a":[58],"46-participant":[59],"study":[60,92],"have":[62],"gathered":[63],"data":[64,82],"regarding":[65,95],"known":[66],"ISRA.":[69],"The":[70,136],"survey":[71],"design":[72],"was":[73],"such":[74],"that":[75],"we":[76,119],"collected":[77],"both":[78],"qualitative":[79,127],"and":[80,111,128,134,147],"quantitative":[81,129],"for":[83,150],"analysis.":[84],"One":[85],"key":[88,109],"contributions":[89],"from":[90],"knowledge":[94,112],"to":[97,114,143],"handle":[98],"risks":[99],"different":[101],"organizational":[102],"tiers,":[103],"together":[104,131],"with":[105,132],"roles":[110],"needed":[113],"conduct":[115],"assessments.":[117],"Also,":[118],"document":[120],"several":[121],"concerning":[123],"application":[125],"methods,":[130],"drawbacks":[133],"advantages.":[135],"findings":[137],"analysis":[140],"provides":[141],"incentives":[142],"strengthen":[144],"research":[146,152],"scientific":[148],"work":[149],"future":[151],"management.":[155]},"counts_by_year":[{"year":2025,"cited_by_count":1},{"year":2021,"cited_by_count":1},{"year":2020,"cited_by_count":3},{"year":2017,"cited_by_count":2}],"updated_date":"2026-04-04T16:13:02.066488","created_date":"2025-10-10T00:00:00"}