1. Alberts C, Dorofee A (2003) Managing information security risks: The OCTAVE approach. SEI series in software engineering. Addison-Wesley. https://books.google.com.sg/books?id=EGInzsKcG_8C

2. Blank R, Gallagher P, Group JTFTIIW et al (2013) Nist special publication 800-53, security and privacy controls for federal information systems and organizations, revision 4. National Institute of Standards and Technology (NIST), Washington

3. CAIRIS (2020) Cairis. https://cairis.org/index.html

4. Cau D (2014) Governance risk and compliance (grc) software business needs and market trends. Deloitte

5. Charis R (2012) Tetra for rail. In: TETRA & Critical Communications Association (TCCA) Seminars