1. Brotby, K.: Information security governance: a practical development and implementation approach - appendix a: Sabsa business attributes and metrics. Information Security Governance: A Practical Development and Implementation Approach (2008). https://doi.org/10.1002/9780470476017.app1. Accessed Sept 2023

2. Department for Digital, Culture, Media and Sport, Ipsos MORI, University of Portsmouth: Cyber security breaches survey 2018. https://www.gov.uk/government/statistics/cyber-security-breaches-survey-2018 (2018). Accessed Feb 2019

3. European Central Bank: What is tiber-eu? https://www.ecb.europa.eu/paym/cyber-resilience/tiber-eu/html/index.en.html. Accessed Sept 2023

4. European Commission: Laying Down Harmonised Rules on Artificial Intelligence (Artificial Intelligence Act) and Amending Certain Union Legislative Acts (2021). https://eur-lex.europa.eu/legal-content/EN/ALL/?uri=celex:52021PC0206. Proposal for a Regulation of the European Parliament and of the Council, No. COM/2021/206 final

5. European Union: Directive (EU) 2016/1148 of the European parliament and of the council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the union. https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016L1148 (2016). Accessed June 2023