乐胖代购免代理版

{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,31]],"date-time":"2025-03-31T14:44:26Z","timestamp":1743432266578},"reference-count":54,"publisher":"Elsevier BV","issue":"4","license":[{"start":{"date-parts":[[2009,10,1]],"date-time":"2009-10-01T00:00:00Z","timestamp":1254355200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.elsevier.com\/tdm\/userlicense\/1.0\/"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Government Information Quarterly"],"published-print":{"date-parts":[[2009,10]]},"DOI":"10.1016\/j.giq.2009.04.004","type":"journal-article","created":{"date-parts":[[2009,8,3]],"date-time":"2009-08-03T09:48:25Z","timestamp":1249292905000},"page":"584-593","source":"Crossref","is-referenced-by-count":21,"title":["Information security landscape and maturity level: Case study of Malaysian Public Service (MPS) organizations"],"prefix":"10.1016","volume":"26","author":[{"given":"Suhazimah","family":"Dzazali","sequence":"first","affiliation":[]},{"given":"Ainin","family":"Sulaiman","sequence":"additional","affiliation":[]},{"given":"Ali Hussein","family":"Zolait","sequence":"additional","affiliation":[]}],"member":"78","reference":[{"key":"10.1016\/j.giq.2009.04.004_bib1","unstructured":"Aceituno, V. C. (2004). ISM31.0. \u2014 Information security management maturity model, Institute for Security and Open Methodology. Retrieved January 10, 2005, from http:\/\/isecom.securenetltd.com\/Security_Maturity_Model_v3.0.pdf"},{"issue":"3","key":"10.1016\/j.giq.2009.04.004_bib2","doi-asserted-by":"crossref","first-page":"60","DOI":"10.1016\/S1363-4127(01)00309-0","article-title":"Information security governance","volume":"6","author":"Andersen","year":"2001","journal-title":"Information Security Technical Report"},{"key":"10.1016\/j.giq.2009.04.004_bib3","doi-asserted-by":"crossref","first-page":"125","DOI":"10.1145\/341852.341877","article-title":"Information security management in the new millennium","volume":"43","author":"Backhouse","year":"2000","journal-title":"Communications of the ACM"},{"key":"10.1016\/j.giq.2009.04.004_bib4","series-title":"Designing information system security","author":"Baskerville","year":"1998"},{"key":"10.1016\/j.giq.2009.04.004_bib5","unstructured":"Berinato, S. (2003). After the storm, reform. CIO Magazine. Retrieved October 19, 2004, from http:\/\/www.cio.com\/archive\/121503\/securityfuture.html"},{"key":"10.1016\/j.giq.2009.04.004_bib6","series-title":"Computer security: Threat and countermeasures","author":"Bhaskar","year":"1993"},{"key":"10.1016\/j.giq.2009.04.004_bib7","unstructured":"Brynes, C. (2005). The Gartner Group: Information Security Trends 2005\u20132007. Retrieved July 20, 2006, from http:\/\/www.gartner.com"},{"key":"10.1016\/j.giq.2009.04.004_bib8","unstructured":"BS7799 (British Standard on Information Security System Management) (2000). Retrieved August 10, 2003, from http:\/\/www.bsi-global.com\/Corporate\/17799.xalter"},{"key":"10.1016\/j.giq.2009.04.004_bib9","unstructured":"Caralli, R. A. & Wilson, W.R. (2003). The challenges of security management. Carnegie-Mellon University. Software Engineering Institute. Retrieved October 19, 2004, from http:\/\/www.cert.org\/archive\/pdf\/Esmchallenges.pdf"},{"key":"10.1016\/j.giq.2009.04.004_bib10","unstructured":"COBIT (2000). Control objectives for information and related technology: Management guidelines. Information Systems, Audit, and Control Foundation. Illinois: ISACA, 1997. Retrieved April 20, 2004, from http:\/\/www.isaca.org\/cobit.htm"},{"key":"10.1016\/j.giq.2009.04.004_bib11","unstructured":"COBIT (2002). Control objectives for information and related technology, by the Information Systems, Audit, and Control Foundation. Illinois: ISACA, 1997. Retrieved April 20, 2004, from http:\/\/www.isaca.org\/cobit.htm"},{"key":"10.1016\/j.giq.2009.04.004_bib12","unstructured":"Eloff J.H.P. (2002). What do international standards say on information security policies? Retrieved April 20, 2003, from http:\/\/www.cio.org"},{"issue":"3","key":"10.1016\/j.giq.2009.04.004_bib13","doi-asserted-by":"crossref","first-page":"243","DOI":"10.1016\/S0167-4048(00)88613-7","article-title":"Information security management: A hierarchical framework for various approaches","volume":"19","author":"Eloff","year":"2000","journal-title":"Computers and Security"},{"key":"10.1016\/j.giq.2009.04.004_bib14","unstructured":"Ernst and Young (2004). Ernst and Young Global Information Security Survey 2004. Retrieved March 15, 2005, from http:\/\/www.ey.com"},{"key":"10.1016\/j.giq.2009.04.004_bib15","unstructured":"Ezingeard, J. N. & Bowen-Schrire, M. (2003). Information security: A strategic issue. A conjoint report study, Hanley Management College, UK and Dataf\u00f6reningen, Sweden. Retrieved November 20, 2004, from http:\/\/www.henley.se"},{"issue":"3","key":"10.1016\/j.giq.2009.04.004_bib16","doi-asserted-by":"crossref","first-page":"106","DOI":"10.1108\/09685220310480381","article-title":"The application of information security policies in large UK-based organizations: An exploratory investigation","volume":"11","author":"Fulford","year":"2003","journal-title":"Information Management & Computer Security"},{"key":"10.1016\/j.giq.2009.04.004_bib17","unstructured":"Gordon, L. A., Loeb, G. M., Lucyshyn, W. & Richardson, R. (2004). 9th Annual FBI\/CSI Computer Crime and Security Survey 2004. Retrieved June 24, 2004, from http:\/\/GoCSI.com"},{"key":"10.1016\/j.giq.2009.04.004_bib18","article-title":"Policy development","volume":"Vol. 3","author":"Hare","year":"2002"},{"issue":"5","key":"10.1016\/j.giq.2009.04.004_bib19","doi-asserted-by":"crossref","first-page":"243","DOI":"10.1108\/09685220310500153","article-title":"An integrated system theory of information security management","volume":"11","author":"Hong","year":"2003","journal-title":"Information Management & Computer Security"},{"key":"10.1016\/j.giq.2009.04.004_bib21","unstructured":"ISO\/IEC 17799 (2005). Information technology \u2014 Code of practice for information security management. Geneva: International Organization for Standardization. Retrieved June 24, 2004, from http:\/\/www.iso.org"},{"key":"10.1016\/j.giq.2009.04.004_bib22","unstructured":"IT Governance Institute (2005). Board briefing on IT governance. Retrieved August 11, 2004, from http:\/\/www.itgi.org"},{"key":"10.1016\/j.giq.2009.04.004_bib23","unstructured":"JPA (2005). Malaysian Public Service Department (Jabatan Perkhidmatan Awam Malaysia). Proceedings of Public Service Conference 2005."},{"key":"10.1016\/j.giq.2009.04.004_bib24","unstructured":"Jenkins, J. (2003). Organizational IT security theory and practices: And never the twain shall meet? Retrieved February 27, 2004, from http:\/\/www.sans.org\/rr\/securitybasics\/IT_sec2.php"},{"key":"10.1016\/j.giq.2009.04.004_bib25","unstructured":"Kloman, F. (1998). Integrated risk assessment: Current views of risk management. Risk Management Report, December. Retrieved March 27, 2003 from http:\/\/www.riskreports.com\/htdocs\/riskassessment.html"},{"key":"10.1016\/j.giq.2009.04.004_bib26","unstructured":"Knapp, K., Marshall, T., Rainer, R. K. & Morrow, D. (2004). Top ranked information security issues: The 2004 International Information System Security Certification Consortium (ISC) 2 Survey Results. Retrieved March 20, 2005, from www.isc2.org"},{"key":"10.1016\/j.giq.2009.04.004_bib27","series-title":"Marketing research: An applied orientation","author":"Malhotra","year":"2004"},{"key":"10.1016\/j.giq.2009.04.004_bib28","unstructured":"MAMPU, (2001). Malaysian Administrative Modernization and Management Planning Unit, Mekanisme Pelaporan Insiden Keselamatan Teknologi Maklumat dan Komunikasi (Information and Communications Technology Security Incident Reporting Mechanism), Malaysia Government General Circular No. 1 of 2001. http:\/\/www.mampu.gov.my\/mampu\/bm\/program\/Circulars\/Security\/SPAm012001.html"},{"key":"10.1016\/j.giq.2009.04.004_bib29","unstructured":"MAMPU, (2002). Malaysian Administrative Modernization and Management Planning Unit, Malaysian Public Service Management of ICT Security Handbook (MyMIS), Prime Minister's Department, Government of Malaysia, Percetakan Nasional Malaysia."},{"key":"10.1016\/j.giq.2009.04.004_bib30","unstructured":"MAMPU, (2003). Malaysian Administrative Modernization and Management Planning Unit, Malaysia, Public Service ICT Strategic Plan Executive Summary. Retrieved August 23, 2005, from www.mampu.gov.my\/mampu\/bi\/program\/ict\/ISPlan\/ISPlan.htm"},{"key":"10.1016\/j.giq.2009.04.004_bib31","unstructured":"MAMPU, (2005). Malaysian Administrative Modernization and Management Planning Unit, Director General Briefing on Organization Structure, INTAN. Retrieved September 9, 2005, from http:\/\/www.intanbk.gov.my"},{"key":"10.1016\/j.giq.2009.04.004_bib32","unstructured":"Marsh, J. (2003). Myths managers believe about security. Retrieved February 27, 2003, from http:\/\/www.sans.org\/rr\/start\/myths.php and http:\/\/www.giac.org\/practical\/gsec\/Jerry_Marsh_GSEC.pdf"},{"key":"10.1016\/j.giq.2009.04.004_bib33","first-page":"36","article-title":"Security and risk management: A fundamental business issue","author":"McAdams","year":"2004","journal-title":"Information Management Journal"},{"issue":"1","key":"10.1016\/j.giq.2009.04.004_bib34","doi-asserted-by":"crossref","first-page":"293","DOI":"10.1016\/0167-4048(91)90103-K","article-title":"Control is fundamental to successful information security","volume":"10","author":"Menkus","year":"1991","journal-title":"Computers & Security"},{"key":"10.1016\/j.giq.2009.04.004_bib35","series-title":"Proceedings of the 2nd IFIP international conference on computer security (IFIP\/Sec\"84), Toronto, Ontario, Canada","article-title":"Measuring computer system security using software security metrics","author":"Murine","year":"1984"},{"key":"10.1016\/j.giq.2009.04.004_bib36","unstructured":"Musekura, J.B. & Ekh, R. (2003) Information security issues \u2014 Difference between perception and practice in organizations, Orebro University, Sweden. Retrieved November 20, 2005, from http:\/\/www.oru.se\/oru-upload\/"},{"issue":"2","key":"10.1016\/j.giq.2009.04.004_bib37","first-page":"1","article-title":"Info-terrorism in the age of the internet: Challenges and initiatives","volume":"1","author":"Nakra","year":"2003","journal-title":"Journal of Competitive Intelligence and Management"},{"key":"10.1016\/j.giq.2009.04.004_bib38","unstructured":"NISER (2004). NISER ICT Security Survey for Malaysia 2004. Retrieved May 10, 2005, from http:\/\/www.niser.org"},{"key":"10.1016\/j.giq.2009.04.004_bib39","series-title":"Fighting cyber crime: A new framework for protecting information","year":"1998"},{"key":"10.1016\/j.giq.2009.04.004_bib40","series-title":"Information security risk analysis","author":"Peltier","year":"2001"},{"key":"10.1016\/j.giq.2009.04.004_bib41","unstructured":"PWC (2004). Price Waterhouse Coopers \u2014 2004 ISC2 top issues report. Retrieved March 15, 2005, from http:\/\/www.pwc.com"},{"key":"10.1016\/j.giq.2009.04.004_bib42","unstructured":"Richardson, R. (2003). 8th Annual CSI\/FBI Computer Crime and Security Survey 2003. Retrieved February 5, 2004, from http:\/\/GoCSI.com"},{"key":"10.1016\/j.giq.2009.04.004_bib43","series-title":"Secrets and lies \u2014 Digital security in a networked world","author":"Schneier","year":"2000"},{"issue":"5","key":"10.1016\/j.giq.2009.04.004_bib44","doi-asserted-by":"crossref","first-page":"210","DOI":"10.1108\/09685220210446560","article-title":"Towards maturity of information security maturity criteria: Six lessons learned from software maturity criteria","volume":"10","author":"Siponen","year":"2002","journal-title":"Information Management and Computer Security"},{"issue":"3","key":"10.1016\/j.giq.2009.04.004_bib45","doi-asserted-by":"crossref","first-page":"215","DOI":"10.1016\/S0167-4048(01)00305-4","article-title":"Corporate governance and information security","volume":"20","author":"Solms","year":"2001","journal-title":"Computers and Security"},{"issue":"5","key":"10.1016\/j.giq.2009.04.004_bib46","doi-asserted-by":"crossref","first-page":"371","DOI":"10.1016\/j.cose.2004.05.002","article-title":"The 10 deadly sins of information security","volume":"23","author":"Solms","year":"2004","journal-title":"Computers and Security"},{"key":"10.1016\/j.giq.2009.04.004_bib47","unstructured":"Sommer, R. (2003). How to buy information security. Retrieved July 24, 2004, from http:\/\/www.virtualcity.co.uk.hottobuy.htm"},{"key":"10.1016\/j.giq.2009.04.004_bib48","unstructured":"SSE-CMM (1998). System Security Engineering Capability Maturity Model V.3.0. Carnegie Mellon University. Retrieved January 20, 2005, from http:\/\/www.sse-ccm.org\/model\/model.asp"},{"key":"10.1016\/j.giq.2009.04.004_bib49","first-page":"22","article-title":"Information security program maturity grid","volume":"5","author":"Stacey","year":"1996","journal-title":"Information System Security"},{"key":"10.1016\/j.giq.2009.04.004_bib50","unstructured":"Starr, R., Newfrock, J. & Delurey, M. (2003). Enterprise resilience: Managing risk in the networked economy. Strategy & Business, Spring 2003. Retrieved May 20, 2005, from http:\/\/www.strategy-business.com"},{"key":"10.1016\/j.giq.2009.04.004_bib51","series-title":"Information security architecture: An integrated approach to security in the organization","author":"Tudor","year":"2001"},{"key":"10.1016\/j.giq.2009.04.004_bib52","series-title":"Electronic commerce 2004 \u2014 Managerial perspective","first-page":"1","author":"Turban","year":"2004"},{"key":"10.1016\/j.giq.2009.04.004_bib53","series-title":"Risk management","author":"Vaughn","year":"1997"},{"issue":"2","key":"10.1016\/j.giq.2009.04.004_bib54","doi-asserted-by":"crossref","first-page":"289","DOI":"10.1111\/j.00117315.2004.02059.x","article-title":"How software project risk affects project performance: An investigation of the dimensions of risk and an exploratory model","volume":"35","author":"Wallace","year":"2004","journal-title":"Decision Sciences"},{"key":"10.1016\/j.giq.2009.04.004_bib55","unstructured":"Waring, A. & Glendon, A. I. (1998). Managing risk \u2014 Critical issues for survival and success into the 21st century. UK: Thompson Learning."}],"container-title":["Government Information Quarterly"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/api.elsevier.com\/content\/article\/PII:S0740624X09000859?httpAccept=text\/xml","content-type":"text\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/api.elsevier.com\/content\/article\/PII:S0740624X09000859?httpAccept=text\/plain","content-type":"text\/plain","content-version":"vor","intended-application":"text-mining"}],"deposited":{"date-parts":[[2018,12,17]],"date-time":"2018-12-17T20:54:12Z","timestamp":1545080052000},"score":1,"resource":{"primary":{"URL":"https:\/\/linkinghub.elsevier.com\/retrieve\/pii\/S0740624X09000859"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2009,10]]},"references-count":54,"journal-issue":{"issue":"4","published-print":{"date-parts":[[2009,10]]}},"alternative-id":["S0740624X09000859"],"URL":"https:\/\/doi.org\/10.1016\/j.giq.2009.04.004","relation":{},"ISSN":["0740-624X"],"issn-type":[{"value":"0740-624X","type":"print"}],"subject":[],"published":{"date-parts":[[2009,10]]}}}