An inventory of 20 national and 6 international critical infrastructure protection policies, International CIIP Handbook, 2006. ,
Autopsy forensic browser, http://www.sleuthkit.org/autopsy/index.php 6. Basel Committee on Banking Supervision: Sound practices for the management and supervision of operational risk, BSI, 2001. ,
Information systems security assessment framework (issaf) draft 0, 2006. ,
Itil v3 and information security http://www.isaca.org 12. COBRA Methodology: Security risk analysis and assessment. http://www.riskworld.net/method.htm 13. CRAMM: Ccta risk analysis and management method, cramm version 5.2 information security toolkit, BS25999-1: Business continuity managementbest-managementpractice.com 11. COBIT4.1: It governance control framework. IT Governance Institute, 2003. ,
Expression des besoins et identification des objectifs de securite, 2004. ,
Osstmm:introduction and sample to the open source security testing methodology manual (osstmm 3 lite) Institute for Security and Open Methodologies (ISECOM), 2008. ,
Httprint: http://net-square.com/httprint/ 29 ,
Information technology -security techniques -evaluation criteria for it security ? part 1: Introduction and general model: Information technology -security techniques -code of practice for information security management, pp.15408-15409, 2005. ,
27001: Information technology -security techniques -information security management systems -requirements, 2005. ,
27002: Information technology -security techniques -code of practice for information security management, 2005. ,
Advanced e-government enterprise strategies and solutions, International Journal of Electronic Governance, vol.3, issue.2, pp.170-188, 2010. ,
DOI : 10.1504/IJEG.2010.034094
Penetration testing framework(ptf) v0.21 ,
Technical guide to information security testing and assessment. Special Publication 800-115 ,
DOI : 10.6028/nist.sp.800-115
Owasp code review guide v1, 2008. ,
Enterprise value: Governance of it investments-the val it framework 2.0, IT Governance Institute, 2008. ,
Rm-odp: The iso reference model for open distributed processing ,dintel edition on software engineering, pp.69-99, 2001. ,
NIST SP800-42:Guideline on Network Security Testing -Recommendations of the National Institute of Standards and Technology. NIST Special Publication 800-42, W3AF: Web application attack and audit framework ,