Salvatore J.Stolfo,Steven M.Bellovin,Angeios D.Keromytis,Sara Sinclair,Sean W.Smith,and Shlomo Hershkop,"Insider Attack and Cyber Security Beyond the Hacker",Springer,pp.5,2008.
Rossouw wonsolms,Information Security Management(3):thecode of practice for Information Security Management(BS7799),Information Management and Computer Security 6/5,management,counter measures, Inc,pp.224-225,1998.
NIST SP 800-37, "Guide for Applying the Risk Management Framework to Federal Information Systems:A Security Life Cycle Approch",2010.
Moses,Robin.,"Risk Analysis and Management",Computer Security Reference Bookedited by Jackson,K.M.& Hruska,J.& Parker,Donn B.,CRC Press,Inc.,pp.227-263,1992.
Moses,Robin,"Risk Analysis and Management",Computer Security Reference Book edited by Jackson,K.M.& Parker,Donn B.,CRC Press,Inc.,pp.227-263,1992.
LynetteBarnardetal.,Theevaluation and certification of information security against BS7799,Information Management& Computer Security 6/2,pp.72-77,1998.
Kim,H.B.,"Risk Analysis and Management Standards for Public Information Systems Security :Risk Analysis Methodology Model",Journal of Telecommunications Technology Association, Vol.69, pp.62-73,2000.
KISA
정보보호 위험관리 가이드“▒[2004]
Jain, L., and Bhardwaj S., “Enterprise Cloud Computing : Key Consideration for Adoption”,International Journal of Engineering and Information Technology,Vol.12,No.2,2010.
ISO/IEC TR 13335-3 : Guidelines for the Management of IT Security(GMITS)- Part3 :Techniques for the Management of IT Security,1998.
E.Humphreys,"Implementing the ISO/IEC 27001 Information Security Management System Standard",Artech House,2006.
Duke, C., and Persia, M., "Importance Performance Analysis of escorted tour evaluation",Journal of traveland Tourism Marketing",Vol.5,No.3,1996.