References
- 한국전산원, '공공부문 정보보호 아키텍처 구성방안', 2004. 12
- 김정덕, 'FISMA 준수를 위한 미국의 정보보호 구현 및 평가과정', 2006. 8
- 김정덕, 박현효, 이동권, '자본계획 및 투자 프로세스를 통한 정보보호 예산 수립에 관한 연구', 정보보호학회지, 2004. 5
- NIST FIPS 199, 'Standards for Security Categorization of Federal Information and Information Systems', February 2004
- NIST FIPS 200, 'Minimum Security Requirements for Federal Information and Information System', February 2006
- NIST SP 800-26, 'Security Self-Assessment Guide for IT Systems', November 2001
- NIST SP 800-26 Revision 1, 'Guide for Information Security Program Assessments and System Reporting Form', August 2005
- NIST SP 800-55, 'Security Metrics Guide for Information Technology Systems', July 2003
- NIST SP 800-80, 'Guide for Developing Performance Metrics for Information Security', May 2006
- NIST SP 800-65, 'Integrating Security into the Capital Planning and Investment Control Process', January 2005
- Basel Committee, 'Basel II : international convergence of capital measurement and capital standards', June 2004
- Birman, 'KP, The next-generation internet: unsafe at any speed', IEEE Computer, 30(8), pp. 54-60, 2000
- ISO 17799, 'A code of practice for information security', 2005
- Corporate Governance Task Force, 'Information security governance: a call to action', April 2004
- Entrust, 'Information Security Governance (ISG): an essential of corporate governance', 2004
- Solm B, 'Information Security_The Fourth Wave', Computers and Security, Vol. 25, pp.165-168, 2006 https://doi.org/10.1016/j.cose.2006.03.004
- Swindle O, Coner B, 'The link between information security and corporate governance', May 2004
- Whitman ME, Mattford HJ, 'Principles of information security', Course Technology, pp. 153-90, 2003