2.Common Criteria for Information Technology Security Evaluaion Part 1: Introducntion and general model, Version2.1[]..1999
3NIST.Risk Management Guide for Information Technology Systems. NIST-SP-800-30 . 2001
4NISL.International Standard ISO/IEC 17799:2000 Information Security Management, Code of Practice for Information Security Management Frequently Asked Questions. http://www.tarrani.net/NISTI-SO17799FAQ.pdf .