URLs are valid as of the publication date of this book.
 AICPA 2002 American Institute for CPA. Consideration of Fraud in a Financial Statement Audit (AU 316.02). American Institute for CPA, 2002; www.aicpa.org/Research/Standards/AuditAttest/DownloadableDocuments/AU-00316.pdf.
 Alberts 2003 C. Alberts and A. Dorofee. Managing Information Security Risks: The OCTAVE® Approach (Boston: Addison-Wesley, 2003).
 Andersen 2004 D.F. Andersen, D.M. Cappelli, J.J. Gonzalez, M. Mojtahedzadeh, A.P. Moore, E. Rich, J.M. Sarriegui, T.J. Shimeall, J.M. Stanton, E. Weaver, and A. Zagonel. “Preliminary System Dynamics Maps of the Insider Cyber-Threat Problem.” In Proceedings of the 22nd International Conference of the System Dynamics Society, ...