1. Acquisti, A., Anderson, R., Schneier, B.: 4th Security and Human Behavior Workshop, Carnegie Mellon University. http://www.heinz.cmu.edu/∼acquisti/SHB/ (2011). Accessed 1 Jan 2012
2. Anderson, R.: Why information security is hard: an economic perspective. In: Proceedings of the 17th Annual Computer Security Applications Conference (ACSAC), pp. 358–365. IEEE Computer Society Press (2001)
3. Armour, F.J., Kaisler, S.H., Liu, S.I.: Building an enterprise architecture step by step. IT Prof. 1(4), 31–39 (1999). doi:
10.1109/6294.781623
4. Baldwin, A., Beres, Y., Shiu, S.: Using assurance models to aid the risk and governance life cycle. BT Technol. J. 25, 128–140 (2007). doi:
10.1007/s10550-007-0015-7
5. Baldwin, A., Beres, Y., Shiu, S.: Using assurance models in IT audit engagements, HP Labs Technical Report HPL-2006–148 (2006)