1. From risk analysis to security requirements;Gerber;Comput Secur,2001
2. Business process management - concepts, languages, architectures, 2nd ed.;Weske,2012
3. ISO. ISO/IEC 27005:2018 information technology security techniques information security risk management. 2018. Online: https://www.iso.org/standard/75281.html.
4. Alberts W.C., Dorofee A., Stevens J., Woody C.. Introduction to the OCTAVE approach. 2003.
5. Taubenberger S., Jurjens J.. IT security risk analysis based on business process models enhanced with security requirements2008;:1–10.