1. Information System Audit and Control Association: COBIT 5: A Business Framework for the Governance and Management of Enterprise IT (2012)

2. Barnum, S., McGraw, G.: Knowledge for software security. IEEE Security & Privacy 3(2), 74–78 (2005)

3. BSI: IT-Grundschutz Catalogues (2005)

4. COBIT: Control Practices: Guidance to Achieve Control Objective for Successful IT Governance, 2nd edn. IT Governance Institute (2007)

5. Cysneiros, L.M.: Evaluating the effectiveness of using catalogues to elicit non-functional requirements. In: WER, pp. 107–115 (2007)