Ciência-IUL Publicações Descrição Detalhada da Publicação Exportar

Exportar Publicação

A publicação pode ser exportada nos seguintes formatos: referência da APA (American Psychological Association), referência do IEEE (Institute of Electrical and Electronics Engineers), BibTeX e RIS.

Exportar Referência (APA)

Fernandes, A., Cruz, J., Silva, M. M. da. & Pereira, R. (2024). Mapping and integrating security and risk standards: A systematic literature review. Journal of Universal Computer Science. 30 (4), 433-448

Exportar Referência (IEEE)

A. Fernandes et al.,  "Mapping and integrating security and risk standards: A systematic literature review", in Journal of Universal Computer Science, vol. 30, no. 4, pp. 433-448, 2024

Exportar BibTeX

@article{fernandes2024_1721989352071,
	author = "Fernandes, A. and Cruz, J. and Silva, M. M. da. and Pereira, R.",
	title = "Mapping and integrating security and risk standards: A systematic literature review",
	journal = "Journal of Universal Computer Science",
	year = "2024",
	volume = "30",
	number = "4",
	doi = "10.3897/jucs.111677",
	pages = "433-448",
	url = "https://lib.jucs.org/"
}

Exportar RIS

TY - JOUR
TI - Mapping and integrating security and risk standards: A systematic literature review
T2 - Journal of Universal Computer Science
VL - 30
IS - 4
AU - Fernandes, A.
AU - Cruz, J.
AU - Silva, M. M. da.
AU - Pereira, R.
PY - 2024
SP - 433-448
SN - 0948-695X
DO - 10.3897/jucs.111677
UR - https://lib.jucs.org/
AB - Organizations are under increasing pressure to comply with various rules, standards, and policies in today’s regulatory environment. Compliance controls are put in place to avoid legal or regulatory violations, which could lead to severe penalties, loss of reputation, and financial damages. However, these controls may have similar scopes and objectives, resulting in duplicated work and unnecessary costs for the organizations. To address this issue, researchers carry out the mapping and integration of these standards to avoid duplication, streamline compliance efforts, and identify best practices. Our work aims to improve the State-of-the-Art by exploring the main benefits and problems resulting from these processes, as well as identifying methods or artifacts that can be reused in the future. We focus on the fields of Risk, Security, and Business Continuity, as these are critical areas where compliance is crucial for organizations. Through our research, we have found that current methods of generating mapping artifacts are not only cumbersome to execute but also ineffective, as they output a single artifact without the reasoning behind it.
ER -