CSI/FBI (2007, 12, 03). The 12th Annual Computer Crime and Security Survey.
 OWASP: the open web application security project, “the ten most critical web application security risks. 2013
 A. Mukhopadhyay, S. Chatterjee, D. Saha, A. Mahanti & S.K. Sadhukhan. (2006, 01, 07). e-Risk Management with Insurance : A framework using Copula aided Bayesian Belief Networks, Proceedings of the 39th Hawaii International Conference on System Sciences.
 F. Foroughi, « Information Security Risk Assessment by Using Bayesian Learning Technique”, Proceedings of the World Congress on Engineering 2008 Vol I WCE 2008, July 2 - 4, 2008, London, U.K.
 E. Loukis, D. Spinellis, “Information Systems Security in the Greek Public Sector”. Information Management and Computer Security 9(1), pp. 21–31, 2001.
 M. Myerson, “Risk Management Processes for Software Engineering Models”. Boston: Artech House, 1997.
 D. Spinellis, S. Kokolakis, S. Gritzalis, “Security requirements, risks and recommendations for small enterprise and home office environments”. Information Management & Computer Security 7(3), pp. 121-128, 1999.
 T. Tsiakis, “Information Security Expenditures: a Techno- Economic Analysis”, IJCSNS International Journal of Computer Science and Network Security, VOL.10 No.4, April 2010
 W. Böhmer, “Evaluation of the Quality of an Information Security Management System (ISMS) or how secure is secure?”. Guest lecture at the Gjovik University College, 2006.
 B. Berger. (2003, 08, 20). Data-Centric Quantitative Computer Security Risk Assessment,
[Online]. Available: http://www.sans.org/reading_room/whitepapers/auditin g/1209.php.
 L.B.A. Rabai , M. Jouini, A. Ben Aissa, A. Mili, « A cybersecurity model in cloud computing environments”, Journal of King Saud University – Computer and Information Sciences (2013) 25, 63–75
 A. Ben Aissa, R.K. Abercrombie, F.T. Sheldon, A. Mili, “Quantifying security threats and their potential impacts: a case study”. Innovation in Systems and Software Engineering: A NASA Journal 6, 269–281.2010
 ISO/IEC 13335-1:2004 Information technology -- Security techniques -- Management of information and communications technology security -- Part 1: Concepts and models for information and communications technology security management.