1. Weill P, Vitale M (2002) What IT infrastructure capabilities are needed to implement e-business models? MIS Q Executive 1(1):17–34

2. BSI (1999) BS 7799 Part1: information security management—code of practice for information security management

3. Doukidis GI, Lybereas P, Galliers RD (1996) Information systems planning in small business: a stages of growth analysis. J Syst Softw Arch 33

4. Eloff MM, von Solms SH (2000) Information security management: an approach to combine process certification and product evaluation. Comput Secur 19

5. NIST Technology Administration (1998) An introduction to computer security: the NIST handbook. NIST, USA