-
1
-
-
77954733286
-
-
107th US Congress, available at:
-
107th US Congress, Sarbanes Oxley Act, available at: http://frwebgate. access.gpo.gov/cgi-bin/ getdoc.cgi?dbname=107-cong-bills&docid=f:h3763enr. tst.pdf.
-
Sarbanes Oxley Act
-
-
-
2
-
-
27644498532
-
Enabling shard audit data
-
A. Baldwin and S. Shiu, Enabling shard audit data, Int. J. Inf. Secur. 4(4) (2005), 263-276.
-
(2005)
Int. J. Inf. Secur.
, vol.4
, Issue.4
, pp. 263-276
-
-
Baldwin, A.1
Shiu, S.2
-
3
-
-
77954691556
-
Using assurance models in IT audit engagements
-
October 2006 (currently internal report but being made external)
-
A. Baldwin, Y. Beres and S. Shiu, Using assurance models in IT audit engagements, HP Labs Technical Report HPL-2006-2148, October 2006 (currently internal report but being made external).
-
HP Labs Technical Report HPL- 2006-2148
-
-
Baldwin, A.1
Beres, Y.2
Shiu, S.3
-
4
-
-
33947411409
-
Using assurance models to aid the risk and governance lifecycle
-
available at:
-
A. Baldwin, Y. Beres and S. Shiu, Using assurance models to aid the risk and governance lifecycle, BT Technol. J. 25(1) (2007), 128-140; available at: http://hpl.hp.co.uk/techreports/2007/HPL-2007- 48.html.
-
(2007)
BT Technol. J.
, vol.25
, Issue.1
, pp. 128-140
-
-
Baldwin, A.1
Beres, Y.2
Shiu, S.3
-
6
-
-
77954729641
-
-
BITS Financial Services Roundtable, available at:
-
BITS Financial Services Roundtable, Financial institution shared assessments program, available at: http://www.bitsinfo.org/FISAP/index.php.
-
Financial Institution Shared Assessments Program
-
-
-
9
-
-
84942776290
-
Towards accountable management of identity and privacy: Sticky policies and enforceable tracing services
-
TrustBus 2003 (DEXA 2003), Prague, 1-5 September 2003
-
M. Casassa Mont, S. Pearson and P. Bramhall, Towards accountable management of identity and privacy: Sticky policies and enforceable tracing services, in: IEEE Workshop on Trust and Privacy in Digital Business 2003, TrustBus 2003 (DEXA 2003), Prague, 1-5 September 2003.
-
(2003)
IEEE Workshop on Trust and Privacy in Digital Business
-
-
Casassa Mont, M.1
Pearson, S.2
Bramhall, P.3
-
10
-
-
77954747309
-
Towards accountable management of privacy and identity management
-
2003 ESORICS 2003, Gjovik, 13-15 October 2003
-
M. Casassa Mont, S. Pearson and P. Bramhall, Towards accountable management of privacy and identity management, in: 8th European Symposium on Research on Computer Security 2003, ESORICS 2003, Gjovik, 13-15 October 2003.
-
8th European Symposium on Research on Computer Security
-
-
Casassa Mont, M.1
Pearson, S.2
Bramhall, P.3
-
12
-
-
77954756089
-
Continuous Control Monitoring: Enabling Rapid Response to Control Breakdowns
-
CCM, available at:
-
CCM, Continuous control monitoring: Enabling rapid response to control breakdowns, in research findings of Audit Director Roundtable, 2004, available at: http://www.audit.executiveboard. com/ADR/.
-
Research Findings of Audit Director Roundtable 2004
-
-
-
13
-
-
33947368645
-
Model-based security analysis in seven steps - A guided tour to the CORAS method
-
F. den Braber, I. Hogganvik, M. Lund, K. Stolen and F. Vraalsen, Model-based security analysis in seven steps - a guided tour to the CORAS method, BT Technol. J. 25(1) (2007), 101-117.
-
(2007)
BT Technol. J.
, vol.25
, Issue.1
, pp. 101-117
-
-
Den Braber, F.1
Hogganvik, I.2
Lund, M.3
Stolen, K.4
Vraalsen, F.5
-
14
-
-
35048841167
-
Requirements engineering meets trust management: Model, methodology and reasoning
-
Proceedings 2nd International Conference on Trust Management
-
P. Giorgini, F. Masacci, J.Myloupos and N. Zannone, Requirements engineering meets trust management: Model, methodology and reasoning, in: Proceedings 2nd International Conference on Trust Management, LNCS, Vol.2995, 2004.
-
(2004)
LNCS
, vol.2995
-
-
Giorgini, P.1
Masacci, F.2
Myloupos, J.3
Zannone, N.4
-
16
-
-
84990029315
-
The economics of information security investment
-
L. Gordon and M. Loeb, The economics of information security investment, ACM T. Inform. Sys. Sec. 5(4) (2002), 438-457.
-
(2002)
ACM T. Inform. Sys. Sec.
, vol.5
, Issue.4
, pp. 438-457
-
-
Gordon, L.1
Loeb, M.2
-
17
-
-
77954733641
-
-
Higgins Higgins Project, available at:
-
Higgins, Higgins Project, 2007, available at: http://www.eclipse.org/ higgins/.
-
(2007)
-
-
-
19
-
-
77954734963
-
-
Information Systems Audit and Control Association (ISACA) available at:
-
Information Systems Audit and Control Association (ISACA), available at: http://www.isaca.org.
-
-
-
-
22
-
-
77954694976
-
-
Liberty Alliance, available at:
-
Liberty Alliance, Liberty Identity Assurance Framework, 2007, available at: http://www. projectliberty.org/liberty/content/download/3736/24651/file/ liberty-identity-assurance-frameworkv1.0. pdf.
-
(2007)
Liberty Identity Assurance Framework
-
-
-
23
-
-
77954735771
-
-
Liberty Alliance, available at:
-
Liberty Alliance, Identity Assurance Expert Group (IAEG), 2007, available at: http://www. projectliberty.org/liberty/strategic-initiatives/identity- assurance.
-
(2007)
Identity Assurance Expert Group (IAEG)
-
-
-
24
-
-
77952405045
-
-
Liberty Alliance Project, available at:
-
Liberty Alliance Project, The Liberty Alliance Specs, 2007, available at: http://www. projectliberty.org/.
-
(2007)
The Liberty Alliance Specs
-
-
-
25
-
-
77952404140
-
Planning to implement service management (IT Infrastructure Library)
-
available at
-
V. Lloyd, Planning to implement service management (IT Infrastructure Library), The Stationery Office Books, 2007, available at: http://www.itil.co. uk/publications.htm.
-
(2007)
The Stationery Office Books
-
-
Lloyd, V.1
-
26
-
-
77954756807
-
-
available at:
-
Microsoft, Micorosft CardSpace initiative, 2006, available at: http://msdn2.microsoft.com/enus/ library/aa480189.aspx.
-
(2006)
Micorosft CardSpace Initiative
-
-
-
28
-
-
77954746479
-
-
available at:
-
OpenId, OpenId Initiative, 2008, available at: http://www.openid.net.
-
(2008)
OpenId Initiative
-
-
-
29
-
-
84970956571
-
A manager's guide to identity management and federated identity
-
L. Pang, A manager's guide to identity management and federated identity, Information Systems Control Journal 4 (2005).
-
(2005)
Information Systems Control Journal
, vol.4
-
-
Pang, L.1
-
30
-
-
84879424551
-
-
Payment Card Industry (PCI) available at:
-
Payment Card Industry (PCI), Data security standard, available at: https://www.pcisecuritystandards. org/pdfs/pci-dss-v1-1.pdf.
-
Data Security Standard
-
-
-
33
-
-
2442547465
-
Ensuring information assurance in federated identity management
-
D. Shin, G.-J. Ahn and P. Shenoy, Ensuring information assurance in federated identity management, in: 2004 IEEE International Conference on Performance, Computing, and Communications, 2004, pp. 821-826.
-
(2004)
2004 IEEE International Conference on Performance, Computing, and Communications
, pp. 821-826
-
-
Shin, D.1
Ahn, G.-J.2
Shenoy, P.3
-
34
-
-
77954753347
-
-
The American Institute of Certified Public, available at:
-
The American Institute of Certified Public Accountants, Statement on Auditing Standards, No.70 (SAS 70), available at: http://www.aicpa.org/download/ members/div/auditstd/AU-00324.PDF.
-
Accountants, Statement on Auditing Standards, No. 70 (SAS 70)
-
-
|