1. Information security management systems – specification with guidance of use;British Standards Institution (BSI),2002

2. COBRA consultant products for Windows, evaluation & user guide;C&A Systems Security Limited,2000

3. The standard of good practice for information security;Information Security Forum (ISF),2003

4. Certified information systems auditor review manual;Information Systems Audit and Control Association (ISACA),2004

5. ISRAM: Information security risk analysis method;Karabacak;J Comput Secur,2005