Boehm, Barry, 'Get Ready for Agile Methods, with Care,' University of Southern California, IEEE Computer , January 2002
Bragg, Roberta, CISSP Training Guide , Que, November 18, 2002
Harris, Shon, CISSP Certification , Osborne, 2002
Iheagwara, Charles, More Effective Risk Assessment , Computer Security Journal, Volume XIX, Number 2, 2003
Intranet Journal Staff, Security Policies 101 , Jupiter Media, January 6, 2003
Krutz and Vines, The CISSP Prep Guide , Wiley Publishing, Inc., 2003
Stoneburner, Gary, Enterprise Risk Management (A Walk Through of NIST SP 800-30) , National Institute of Standards and Technology, October 2002.
Stoneburner, Goguen, and Feringa, Risk Management Guide for Information Technology Systems , NIST Special Publication 800-30, October 2001
Taylor, Laura, Risk Analysis Tools and How They Work , Relevant Technologies, Inc., May 5, 2002
Taylor, Laura, Security Scanning is not Risk Analysis , Jupiter Media, July 14, 2002