1. ANSSI (2016) Best practices. Available from: https://www.ssi.gouv.fr/administration/bonnes-pratiques/ (20 Oct 2016)

2. IEEE Standards (2018) 29148—2018—ISO/IEC/IEEE international standard—systems and software engineering—life cycle processes—requirements engineering. Available from: https://ieeexplore.ieee.org/document/8559686 . (30 Nov 2018)

3. ISO (2013) ISO/IEC 27001:2013—information technology—security techniques—information security management systems—requirements. Available from: https://www.iso.org/standard/54534.html (1 Oct 2013)

4. OWASP (2013) OWASP top 10 most critical web application security risks… Available from: https://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project (1 Nov 2016)

5. EUR-Lex (2016) Regulation (Eu) 2016/679 of the European Parliament and of the council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General data protection regulation), 2016. Available from: https://eur-lex.europa.eu/eli/reg/2016/679/oj (27 Apr 2016)