References
- Ahn, J-H. (1998), Information System for Management Hongmoonsa, Seoul, Korea
- BSI. (1998), Guide to Risk Assessment and Risk Management, BS7799, British Standard Institute, Great Britain
- CCTA. (1998), The CCTA Risk Analysis and Management Method, CRAMM, Central Computer and Telecommunications Agency, Great Britain
- CSI (2001), CSI/FBI Computer Crime & Security Survey Analysis, Computer Security Issues&Trends, V1(1), San Francisco, USA
- ISO/IEC. (1996), Information Technology-Guidelines for the Management of IT security-Part 1, ISO/lEC 1R 13335-1, ISO/lEC, Switzerland
- ISO/lEC. (1997), Information Technology-Guidelines for the Management of IT security-Part 2, ISO/lEC 1R 13335-2, ISO/IEC, Switzerland
- ISO/lEC. (1998), Information Technology-Guidelines for the Management of IT security-Part 3, ISO/lEC 1R 13335-3, ISO/IEC, Switzerland
- ISO/lEC. (2000), Information Technology-Guidelines for the Management of IT security-Part 4, ISO/lEC 1R 13335-4, ISO/IEC, Switzerland
- Kang, D-S. (1998), Risk Analysis and Management in Public Project Selection, The Journal of Information. 5(1), 16-29
- Kim, Y-C. and Nam, G-H. (1993),Information System Security and Auditing Mechanisms, Korea Institute of Information Security & Cryptology Review, 3(3),67-79
- KISA. (1998), Information Dysfunction Analysis in the First Quarter of The Year 1998, Korea Information Security Agency, Seoul, Korea
- KISA. (1999),Information Dysfunction Analysis of The Year 1999, Korea Information Security Agency, Seoul, Korea
- KISA. (2000),. Information Dysfunction Analysis of The Year 2000, Korea Information Security Agency, Seoul, Korea
- Lee, Y-H. and Lee, N-Y. (1999), The Study for Security Engineering Methodology, Korea Institute of Information Security & Cryptology Review, 9(2), 69-81
- NCA.(1996), Development of Automated Risk Analysis Software (V. 1.0) for Information Systems Security, NCA III-RER-9653, National Computerization Agency, Gyonggi-do, Korea
- NCA. (1996), Analysis of Computer Crime and Misuse Cases, NCA III-RER-96099, National Computerization Agency, Gyonggi-do, Korea
- NCA. (1998), A Study on Audit Guideline for the Information Systems Management, IV-AUER-98061, National Computerization Agency, Gyonggi-do, Korea
- NIST. (1989), DoE Risk Assessment Instruction, National Institute of Standards Technology, Washington, USA
- NIST. (1990), U.S. Department of Justice Simplified Risk Analysis Guidelines, NISTlR 4387, National Institute of Standards Technology, Washington, USA.
- NIST. (1994), Guidelines for the Analysis of Local Area Network Security, FIPS PUB 191, National Institute of Standards Technology, Washington, USA
- NIST.(1999), An Introduction to Computer Security: The NIST Handbook, NIST Special Publication 800-12, National Institute of Standards Technology, Washington, USA
- Sergio B. Guarro. (1987), Principles and Procedures of the LRAM Approach to Information System Risk Analysis and Management, Computers & Security, 6, 493-504
- TTA. (2000), Risk Analysis and Management Standards for Public Information System Security-Risk Analysis Methodology Model, TTA KO-12.0007, Telecommunications Techoology Association, Seoul, Korea
- Vlasta Molak. (1997), Fundamental of Risk Analysis and Risk Management, CRC Lewis, New York, USA