The University of SydneyPage 44References•Principles of Information Security Systems –Texts and Cases –Gurpreet DhillonChapter 9: Risk management forInformation SystemsSecurity•Security in Computing –Charles & Shari PfleegerChapter 8: Administering Security•AS/NZS ISO 31000-2009 and ISO 31000-2018Risk Management Standard•https://www.iso.org/obp/ui#iso:std:iso:31000:ed-2:v1:en