M. C. Oetzel and S. Spiekermann, A systematic methodology for privacy impact assessments: a design science approach, European Journal of Information Systems, vol.54, issue.8, pp.126-150, 2013.
DOI : 10.1007/978-94-007-2543-0

S. Spiekermann, The RFID PIA ??? Developed by Industry, Endorsed by Regulators, Privacy Impact Assessment, pp.323-346, 2012.
DOI : 10.1007/978-94-007-2543-0_15

D. Wright and P. De-hert, Privacy Impact Assessment, 2012.
DOI : 10.1007/978-94-007-2543-0

P. C. Cheng, P. Rohatgi, C. Keser, P. A. Karger, G. M. Wagner et al., Fuzzy Multi-Level Security: An Experiment on Quantified Risk-Adaptive Access Control, 2007 IEEE Symposium on Security and Privacy (SP '07), pp.222-230, 2007.
DOI : 10.1109/SP.2007.21

M. Sahinoglu, Security Meter: A Practical Decision-Tree Model to Quantify Risk, IEEE Security and Privacy Magazine, vol.3, issue.3, pp.18-24, 2005.
DOI : 10.1109/MSP.2005.81

D. Vose, Risk Analysis: A Quantitative Guide, 2008.

K. Wadhwa and R. Rodrigues, Evaluating privacy impact assessments. Innov. Eur, J. Soc. Sci. Res, vol.0, pp.1-20, 2013.

Z. Yazar, A qualitative risk analysis and management tool--CRAMM, SANS InfoSec Read. Room White Pap, 2002.

K. Vellani, Strategic Security Management: A Risk Assessment Guide for Decision Makers, 2006.

G. Stoneburner, A. Goguen, and A. Feringa, Risk management guide for information technology systems, Nist Spec. Publ, vol.800, pp.800-830, 2002.
DOI : 10.6028/NIST.SP.800-30

D. Security and P. Edelman, The costs, causes and consequences of privacy risk

A. Borghesi and B. Gaudenzi, Risk management: How to assess, transfer and communicate critical risks, 2012.

E. Parliament, Directive 95, EC. Off. J. Eur. Communities. L, vol.46, issue.281, p.31, 1995.

D. Solove, A Taxonomy of Privacy, University of Pennsylvania Law Review, vol.154, issue.3, pp.477-560, 2006.
DOI : 10.2307/40041279