The role of risk management in IT systems of organizations

Department of Defense. Risk management Guide to DoD Acquisition. 5th ed. Vers.2.0.Ft.Belvoir, VA: Defense Acquisition University, June 2003 www.dau.mil/pubs/risk_management.asp.

Boehm Barry, A.Winsor Brown, Victor Basili, Richard Turner, Spiral Acquisition of SoftwareIntensive Systems of Systems. Cross Talk May 2004:4–9 www.stsc.hill.af.mil/crosstalk/2004/05/0405boehm.html.

NIST special Publication 800-18.Guide For Developing Security Plans for Information Technology Systems. December 1998. Co-authored with Federal Computer Security Managers’ Forum Working Group.

Edmund H. Conrow, Risk Management for Systems of Systems. 2004 Systems and Software Technology Conference, Salt Lake City, UT, 21 Apr. 2004.

NIST special Publication 800-14.Generally Accepted Principles and Practices for Securing Information Technology Systems. September 1996. Co-authored with Barbara Guttman.

OMB Circular A-130.Management of Federal Information Resources. Appendix III. November 2000.

NIST Special Publication 800-26,Security Self-Assessment Guide for Information Technology System. August 2001.

NIST Special Publication 800-27. ENGINEERING Principles for IT Security. June 2001.

Conrow, 2003