Matthew J. Decker: Common Models for. Information Security Management Handbook, 6th ed. 2007: 1413-1430