[1] Internal Control over Financial Reporting — Guidance for Smaller Public CompaniesCopyright © 2006 by The Committee of Sponsoring Organization, C/O AICPA, Harborside Financial Center, 201 Plaza Three, Jersey City, NJ 07311 – 3881, USA. All rights reserved.
[2] Control Objectives for Information and related Technology - COBIT® 4.1, Copyright © 2007 by the IT Governance Institute. 3701 Algonquin Road, Suite 1010 Rolling Meadows, IL 60008 USA. All rights reserved.
[3] Enterprise SPICE® - An Integrated Model for Enterprise-wide Assessment and Improvement, Technical Report – Issue 1 September 2010, Copyright © The SPICE User Group 2010.
[4] ISO/IEC 15504-1:2004 Information technology -- Process assessment -- Part 1: Concepts and vocabulary
ISO/IEC 15504-2:2003 Information technology -- Process assessment -- Part 2: Performing an assessment
ISO/IEC 15504-2:2003/Cor 1:2004
ISO/IEC 15504-3:2004 Information technology -- Process assessment -- Part 3: Guidance on performing an assessment
ISO/IEC 15504-4:2004 Information technology -- Process assessment -- Part 4: Guidance on use for process improvement and process capability determination
[5] J. Ivanyos, J. Roóz and R. Messnarz, Governance Capability Assessment: Using ISO/IEC 15504 for Internal Financial Control Management, in: The MONTIFIC Book, MONTIFIC-ECQA Joint Conference Proceedings, 2010
[6] Trust Services Principles, Criteria, and Illustrations, Copyright © 2009 by the American Institute of Certified Public Accountants, Inc. and Canadian Institute of Chartered Accountants.
[7] Statement on Standards for Attestation Engagements (SSAE) No. 16, Reporting on Controls at a Service Organization, Copyright © 2010 American Institute of Certified Public Accountants, Inc. New York, NY 10036-8775
[8] Reporting on Controls at a Service Organization Relevant to Security, Availability, Processing Integrity, Confidentiality, or Privacy (SOC 2), Copyright © 2011, American Institute of Certified Public Accountants, Inc. All Rights Reserved.