
Risk Management

Alberts, Christopher; Behrens, Sandra; Pethia, Richard; and Wilson, William. Operationally Critical Threat, Asset, and Vulnerability Evaluation (OCTAVE℠) Framework, Version 1.0 (CMU/SEI-99-TR-017, ADA 367718). Pittsburgh, PA: Software Engineering Institute, Carnegie Mellon University, 1999. Available online: <http://www.sei.cmu.edu/publications/documents/99.reports/99tr017/99tr017abstract.html>.

Alberts, Christopher J. et al. "Health Information Risk Assessment and Management: Toolkit Section 4.5." CPRI Toolkit: Managing Information Security in Health Care, Version 2. Available online: <http://www.cpri-host.org/toolkit/4_5.html> (2000).

Alberts, Christopher J. and Dorofee, Audrey J. OCTAVE℠ Method Implementation Guide, v2.0. Pittsburgh, PA: Software Engineering Institute, Carnegie Mellon University, 2001. Can be ordered online: <http://www.cert.org/octave/omig.html>.

Alberts, Christopher and Dorofee, Audrey. Operationally Critical Threat, Asset, and Vulnerability Evaluation (OCTAVE℠) Criteria (CMU/SEI-01-TR-016). Pittsburgh, PA: Software Engineering Institute, Carnegie Mellon University, 2001. Available online: <http://www.sei.cmu.edu/publications/documents/01.reports/01tr016/01tr016abstract.html>.

Bernstein, Peter L. Against the Gods: The Remarkable Story of Risk. New York: John Wiley & Sons, Inc., 1996.

Charette, Robert N. Software Engineering Risk Analysis and Management. New York: Intertext Publications/Multiscience Press, Inc., 1989.

Dorofee, A.; Walker, J.; Alberts, C.; Higuera, R.; Murphy, R.; and Williams, R. Continuous Risk Management Guidebook. Pittsburgh, PA: Software Engineering Institute, Carnegie Mellon University, 1996.

Freund, John E. Introduction to Probability. Mineola, NY: Dover Publications, Inc., 1993.

United States General Accounting Office. Executive Guide: Information Security Management (GAO/AIMD-98-68). Washington, DC: GAO, May 1998.

United States General Accounting Office. Information Security Risk Assessment, Practices of Leading Organizations (GAO/AIMD-00-33). Washington, DC: GAO, November 1999.

Haimes, Yacov Y. Risk Modeling, Assessment, and Management. New York: John Wiley & Sons, Inc., 1996.

Harvard Business Review. Harvard Business Review on Managing Uncertainty. Boston: Harvard Business School Press, 1999.

Institute of Electrical and Electronics Engineers. IEEE Standard for Software Lifecycle Processes—Risk Management (IEEE Std 1540-2001). New York: IEEE, Inc., 2001.

Lange, Scott K.; Davis, Julie K.; Jaye, Daniel; Erwin, Dan; Mullarney, James X.; Clarke, Leo L.; and Loesch, Martin C. e-Risk: Liabilities in a Wired World. Cincinnati, OH: National Underwriter Co., 2000.

Peltier, Thomas R. Information Security Risk Analysis. Boca Raton, FL: Auerbach Publications, 2001.

Rowe, William D. An Anatomy of Risk. Malibu, FL: Robert E. Crier, 1988.

Van der Heijden, Kees. Scenarios: The Art of Strategic Conversation. Chichester, England: John Wiley & Sons, Inc., 1997.
