{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,5]],"date-time":"2024-09-05T05:46:39Z","timestamp":1725515199231},"publisher-location":"Boston, MA","reference-count":18,"publisher":"Springer US","isbn-type":[{"type":"print","value":"9780387096988"},{"type":"electronic","value":"9780387096995"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"DOI":"10.1007\/978-0-387-09699-5_32","type":"book-chapter","created":{"date-parts":[[2008,7,16]],"date-time":"2008-07-16T14:12:54Z","timestamp":1216217574000},"page":"493-508","source":"Crossref","is-referenced-by-count":1,"title":["Feasibility of Automated Information Security Compliance Auditing"],"prefix":"10.1007","author":[{"given":"D.","family":"Longley","sequence":"first","affiliation":[]},{"given":"M.","family":"Branagan","sequence":"additional","affiliation":[]},{"given":"W.J.","family":"Caelli","sequence":"additional","affiliation":[]},{"given":"LF","family":"Kwok","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"issue":"2","key":"32_CR1","doi-asserted-by":"publisher","first-page":"219","DOI":"10.1147\/sj.462.0219","volume":"46","author":"C. Abrams","year":"2007","unstructured":"C. Abrams, J. vonK\u00e4nel, S. M\u00fcller, B. Pfitzmann, and S. Ruschka-Taylor. Optimized enterprise risk management. IBM Systems Journal, 46 (2):219\u2013234, 2007.","journal-title":"IBM Systems Journal"},{"key":"32_CR2","unstructured":"California Security Breach Information Act. SB 1386, 2003."},{"key":"32_CR3","doi-asserted-by":"crossref","unstructured":"Alison Anderson, Dennis Longley, and Lam For Kwok. Security modelling for organisations. In CCS \u201994: Proceedings of the 2nd ACM Conference on Computer and communications security, pages 241\u2013250, New York, NY, USA, 1994. ACM.","DOI":"10.1145\/191177.191239"},{"issue":"2","key":"32_CR4","doi-asserted-by":"publisher","first-page":"205","DOI":"10.1147\/sj.462.0205","volume":"46","author":"R.K.E Bellamy","year":"2007","unstructured":"R.K.E Bellamy, T. Erickson, B. Fuller, W.A. Kellogg, R. Rosenbaum, J.C. Thomas, and T. Vetting Wolf. Seeing is believing: Designing visualizations for managing risk and compliance. IBM Systems Journal, 46 (2):205 \u2013218, 2007.","journal-title":"IBM Systems Journal"},{"key":"32_CR5","unstructured":"British Standards Institute. BS 7799, Code of Practice for Information Security Management, 1995."},{"key":"32_CR6","unstructured":"British Standards Institute. BS 7799-2, Information Security Management Specification, 2002."},{"issue":"1","key":"32_CR7","first-page":"7","volume":"16","author":"W.J. Caelli","year":"2006","unstructured":"W.J. Caelli, G. Gaskell, LF Kwok, and D. Longley. A model to support information security governance. Journal of Information Risk Management and Audit, 16(1):7\u201324, 2006.","journal-title":"Journal of Information Risk Management and Audit"},{"key":"32_CR8","unstructured":"International Standards Organisation. ISO\/IEC 17799:2000, Information technology\u2014Code of practice for information security management, 2000."},{"key":"32_CR9","unstructured":"Joint Australian and New Zealand Standard. AS\/NZS ISO\/IEC 17799:2001 Information technology\u2014Code of practice for information security management, 2001."},{"key":"32_CR10","unstructured":"Joint Australian and New Zealand Standard. AS\/NZS ISO\/IEC 17799:2006 Information technology\u2014Security techniques\u2014 Code of practice for information security management, 2006."},{"key":"32_CR11","unstructured":"Joint Australian and New Zealand Standard. AS\/NZS ISO\/IEC 27001:2006 Information technology\u2014 Security techniques \u2014 Information security management systems- Requirements, 2006."},{"issue":"2","key":"32_CR12","first-page":"3","volume":"7","author":"Kwok L-F","year":"1999","unstructured":"L-F Kwok and D. Longley. Information security management and modelling. Information Management and Computer Security, 7(2):3\u20134, 1999.","journal-title":"Information Management and Computer Security"},{"issue":"8","key":"32_CR13","doi-asserted-by":"publisher","first-page":"695","DOI":"10.1016\/S0167-4048(97)89722-2","volume":"15","author":"Kwok Lam For","year":"1996","unstructured":"Lam For Kwok and Dennis Longley. A security officer\u2019s workbench. Computers & Security, 15(8):695\u2013705, 1996.","journal-title":"Computers & Security"},{"key":"32_CR14","doi-asserted-by":"crossref","unstructured":"Lam-for Kwok and Dennis Longley. Security modelling for risk analysis. Security and Protection in Information Processing Systems, pages 29\u201345, 2004.","DOI":"10.1007\/1-4020-8143-X_3"},{"key":"32_CR15","unstructured":"Organisation for Economic Co-operation and Development, Directorate for Science Technology and Industry. Guidelines for the security of information systems, 1992."},{"key":"32_CR16","unstructured":"Health Insurance Portability and Accountability Act of 1996. Public law 104-191, united states senate and house of representatives in congress, 1996."},{"key":"32_CR17","unstructured":"Sarbanes-Oxley Act of 2002. Public law 107-204 (116 statute 745), united states senate and house of representatives in congress, 2002."},{"key":"32_CR18","unstructured":"U.K. Department of Trade and Industry. Code of practice for information security management, 1992."}],"container-title":["IFIP \u2013 The International Federation for Information Processing","Proceedings of The Ifip Tc 11 23rd International Information Security Conference"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-0-387-09699-5_32.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,4,27]],"date-time":"2021-04-27T21:45:43Z","timestamp":1619559943000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-0-387-09699-5_32"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[null]]},"ISBN":["9780387096988","9780387096995"],"references-count":18,"URL":"https:\/\/doi.org\/10.1007\/978-0-387-09699-5_32","relation":{},"ISSN":["1571-5736"],"issn-type":[{"type":"print","value":"1571-5736"}],"subject":[]}}