Compiled by: Nancy Y. McGovern and Anne R. Kenney
Last revised: May 2002
Notable Web sites
The Canadian Treasury Board's Common Look and Feel for the Internet
http://www.cio-dpi.gc.ca/clf-upe/
Carnegie Mellon's CERT® Coordination Center
http://www.cert.org/stats/cert_stats.html
Department of Justice, A Guide to Disability Rights Laws,
August 2001 http://www.usdoj.gov/crt/ada/cguide.htm
National Cancer Institute's Web Design and Usability Guidelines
http://www.usability.gov/guidelines/index.html
- National Library of Australia:
- • Safeguarding
Australia's web resources: guidelines for creators and publishers http://www.nla.gov.au/guidelines/2000/webresources.html
- • Safekeeping Project with sponsors
http://www.nla.gov.au/padi/safekeeping/safekeeping.html
W3C guidelines http://www.w3.org/TR/WCAG10/
- Domain
Web site examples
- Insurance
Providers:
- • the
International Risk Management Institute IRMI http://www.irmi.com
- Healthcare Providers:
- • the Risk Management Foundation: Harvard
Medical Institutions http://www.rmf.harvard.edu/
- • the American Society for Healthcare
Risk Management ASHRM of the American Hospital Association http://www.ashrm.org/asp/home/home.asp
- Nonprofit Organizations:
- • the Public
Risk Management Association PRIMA: Nonprofit Risk Management Center
and Public Entity Risk Institute http://www.primacentral.org/
- • Nonprofit
Risk Organization http://www.nonprofitrisk.org
- Environmental Monitoring:
- • the
National Risk Management Research Laboratory NRMRL http://www.epa.gov/ORD/NRMRL
- Financial Investors:
- • the
Global Association of Risk Professionals GARP
http://www.garp.com/
- • The
Risk Management Association RMA http://www.rmahq.org
Publications
Bailar, Gregor, "Nasdaq Lessons Learned from Sept.
11," http://www.cio.com/online/102401_nasdaq.html
BindView Corporation, "Risk Management: The New IT
Challenge," white paper, March 2000, http://www.itpapers.com/cgi/PSummaryIT.pl?paperid=417&scid=88
Blundon, William, "Security is in the eye of the
beholder,"
http://www.javaworld.com/javaworld/jw-09-1997/jw-09-blundon_p.html.
Bridgewater
Systems, "Policies and Profiles: The Keys to Success in Mobile
Data Services," white paper, 2001, http://www.itpapers.com/cgi/PSummaryIT.pl?paperid=16942&scid=95
Byrnes,
Christian F., "Information Risk Management: Why Now?"
white paper, 1999.
Chapple, Mike, "SQL Server Disaster Recovery,"
http://databases.about.com/library/weekly/aa031101a.htm.
Cohen, Fred, "Managing Network Security: Attack and
Defense Strategies," white paper, July 1999, http://www.itpapers.com/cgi/PSummaryIT.pl?paperid=3583&scid=88.
Computer Sciences Corporation, "Information Risk
Management Program IRMP: An Overview," white paper, April 2000, http://www.itpapers.com/cgi/PSummaryIT.pl?paperid=24732&scid=88.
Cooper, Michael D. "Design Considerations in Instrumenting
and Monitoring Web-based Information Retrieval Systems," Journal
of the American Society for Information Science, 49 10:903-919, 1998,
http://beachmat.sims.berkeley.edu/~mike/Articles/JASISDesign1998.pdf.
Davis, Philip, "The Effect of the Web on Undergraduate
Citation Behavior-a year 2000 update," forthcoming College and Research
Libraries, January 2002.
Edupage, "President Forms Cyberterrorism Panel,"
Educause, October 17, 2001.
Elsevier Science, "Information on Electronic Back
Files, Access and Archiving," http://www.elsevier.com/inca/publications/misc/ni2164.pdf.
Flecker, Dale, "Preserving Scholarly E-Journals,"
D-Lib Magazine, September 2001 Volume 7 Number 9, http://www.dlib.org/dlib/september01/flecker/09flecker.html.
Geer, Daniel, E., Jr., "Risk Management is Where
the Money Is", reprint of an address before the Digital Commerce
Society of Boston, November 3, 1998, http://www.itpapers.com/cgi/PSummaryIT.pl?paperrid=14911&scid=88.
Global Information Security Services GISS, "Information
Risk Management Program IRMP: AN Overview", April 2001, http://www.itpapers.com/cgi/PSummaryIT.pl?paperid=24732&scid=88.
Hamilton,
Caroline R., "New Trends in Risk Assessment, white paper, 1998,
http://techupdate.books24x7.com/toc.asp?bookid=2920.
Harral, William M., "The Roles and Inter-relationships
of Risk Management and Quality Management Systems Auditing," white
paper, 1998, http://www.itpapers.com/cgi/PSummaryIT.pl?paperid=1682&scid=88.
Herman, Melanie L. and Barbara B. Oliver "Teambuilding:
Rx for Crisis Survival," 10 September 2001, http://www.nonprofitrisk.org/nwsltr/archive/nl901_1.htm.
Horgan, Daniel, "Five thoughts about Cyberterrorism,"
http://www.darwinmag.com/read/thoughts/.
Kabay, M.E. "ICSA White Paper on Computer Crime Statistics,"
1998, http://www.itpapers.com/cgi/PSummaryIT.pl?paperid=10094&scid=88.
Kenney, Anne R., and Oya Y. Rieger, Moving Theory into
Practice: Digital Imaging for Libraries and Archives, Research Libraries
Group, 2000.
Kenney, Anne R., Nancy Y. McGovern, Peter Botticelli,
Richard Entlich, Carl Lagoze, and Sandra Payette, "Preservation Risk
Management for Web Resources: Virtual Remote Control in Cornell's Project
Prism," D-Lib Magazine, January 2002, http://www.dlib.org/dlib/january02/kenney/01kenney.html.
Kirschbaum, Dennis M., "Six Tips for Playing it Safe:
At Work, At Home, on the Web," http://www.nonprofitrisk.org/nwsltr/archive/nl101_4.htm.
Kleindorfer, Paul R. "Industrial Ecology and Risk
Analysis," http://grace.wharton.upenn.edu/risk/downloads/01-23-PK.pdf.
Kloman, H. Felix, "The Risk Management Spectrum," Risk Management Reports, 2001, http://www.riskreports.com/spectrum.html.
Kovacs, Paul and Howard Kunreuther, "Managing Catastrophic
Risk: Lessons from Canada," in Institute for Catastrophic Loss Reduction
Research Paper, http://grace.wharton.upenn.edu/risk/downloads/01-09-HK.pdf.
Kunreuther, Howard, Patricia Grossi, Nano Seeber and Andrew
Smyth, "A Framework for Evaluating the Cost-Effectiveness of Mitigation
Measures," paper presented at the Bogazici University /Columbia University
Workshop, http://grace.wharton.upenn.edu/risk/downloads/01-18-HK.pdf.
Kunreuther, Howard in Bruna de March ed. "Incentives
for Mitigation Investment and More Effective Risk Management: The Need
for Public-Private Partnerships" Special Issue on Risk and Governance,
Journal of Hazardous Materials, 2001, http://grace.wharton.upenn.edu/risk/downloads/01-13-HK.pdf.
Kunreuther, Howard coordinating author, Chris Cyr, Patricia
Grossi and Wendy Tao, "Using Cost-Benefit Analysis to Evaluate Mitigation
- Measures for Lifelines," April 2001, http://grace.wharton.upenn.edu/risk/downloads/01-14-HK.pdf.
Kunreuther, Howard and Christian Schade, "Worry and
Mental Accounting with Protective Measures," white paper, February
2001, http://grace.wharton.upenn.edu/risk/downloads/01-19-HK.pdf.
Lagoze, Carl, William Arms, Stoney Gan, Diane Hillmann,
Christopher Ingram, Dean Krafft, Richard Marisa, Jon Phipps, John Saylor,
Carol Terrizzi, Walter Hoehn, David Millman, James Allan, Sergio Guzman-Lara,
Tom Kalt, "Core Services in the Architecture of the National Digital
Library for Science Education (NSDL)," submitted to JCDL, 2002, http://arxiv.org/abs/cs.DL/0201025.
Lawrence, Greg, William Kehoe, Oya Y. Rieger, William
Walters, and Anne R. Kenney, Risk Management of Digital Information: A
File Format Investigation. Washington, DC: Council on Library and Information
Resources, 2000, http://www.clir.org/pubs/abstract/pub93abst.html.
Lawrence, H. Andrew, "Digital Insurance for Information
at Risk: A Strategic Overview of Digital Preservation," white paper,
Eastman Kodak Company, 2000, http://www.itpapers.com/cgi/PSummaryIT.pl?paperid=21017&scid=169.
Long, Marian H., "Business Interruption Risk Assessment:
A Multidisciplinary Approach," white paper, 1997, http://www.itpapers.com/cgi/PSummaryIT.pl?paperid=23794&scid=88.
Luh, James C., "No Bots Allowed," Special to
Interactive Week, April 12, 2001, http://www.eweek.com/article/0,3658,s=722&a=7646,00.asp.
Marvell, Simon, "Business Continuity Management in
the 21st Century," no date, http://www.itpapers.com/cgi/PSummaryIT.pl?paperid=9801&scid=88
McClure, Charles R. and J. Timothy Sprehe, Guidelines
For Electronic Records Management On State And Federal Agency Websites,
an NHPRC-funded research project conducted in 1997, http://istweb.syr.edu/~mcclure/guidelines.html.
McClure,
Sprehe and Kristen Eschenfelder, Performance Measures for Federal
Agency Websites, 2000, http://fedbbs.access.gpo.gov/library/download/MEASURES/measures.doc.
McNamee, David, "Assessing Risk Assessment,"
Management Control Concepts, http://www.mc2consulting.com/riskart2.htm.
Meinel, Carolyn, "Code Red for the Web," Scientific
American, October 2001: 42-51.
Mulcahy, Ryan, compiler, "'First Alert' system sought
for Internet, Feds Discuss Data Sharing, and More," CIO Magazine,
October 25, 2001, http://64.28.79.79/online/102501_report.html.
Nonprofit Risk Organization, "Risk Assessment Tool
Offers Customized Help," http://www.nonprofitrisk.org/nwsltr/archive/nl300_1.htm.
Nonprofit Risk Organization, "Beyond the Bend in
the Road: The Nonprofit Risk Management Center Offers Predictions for
the Year Ahead," http://www.nonprofitrisk.org/nwsltr/archive/nl100_4.htm.
Nonprofit Risk Organization, "Making Net Gains: Staying
Safe While Making a Name for Your Nonprofit on the Internet," http://www.nonprofitrisk.org/nwsltr/current/nl901_3.htm.
Nonprofit Risk Organization, Full Speed Ahead: Managing
Technology Risk in the Nonprofit World, http://www.nonprofitrisk.org/pubs/full_spd.htm.
Nonprofit Risk Organization, "eNoculation,"
http://www.nonprofitrisk.org/nwsltr/archive/nl200_1.htm.
Nonprofit Risk Organization, Protecting Your Nonprofit
and the Board, http://www.nonprofitrisk.org/nwsltr/archive/nl199_1.htm.
Nonprofit Risk Organization, Vital Signs: Anticipating,
Preventing and Surviving a Crisis in a Nonprofit, http://www.nonprofitrisk.org/pubs/vital.htm.
OECD, Chemical Accident Risk Assessment Thesaurus CARAT™,
http://www1.oecd.org/EHS/CARAT/v3.0/htm/default.htm.
Paperwork
Reduction Act, 1995, http://policyworks.gov/policydocs/16.pdf.
Paul, Brooke, "Risk-Assessment Strategies,"
CMP Media, white paper, October 30, 2000, http://www.itpapers.com/cgi/PSummaryIT.pl?paperid=14014&scid=88.
Perrin, Jerry, "ERM and September 11," http://www.irmi.com/expert/articles/miccolis005.asp.
Rosenthal, Ira, Al Ignatowski, C. Kirchsteiger, "A
Generic Standard for the Risk Assessment Process:..", Discussion
on a proposal made by the program committee of JC-J, RC Workshop on 'Promotion
of Technical Harmonization of Risk-Based Decision Making', September 2001,
http://grace.wharton.upenn.edu/risk/downloads/01-01-IR.pdf.
Scalet, Sarah D., "Cyberterrorism Is Everyone's War,"
CIO Magazine, October 11, 2001, http://www.cio.com/research/security/edit/a101101_cyber.html.
Scall, Eric, "Liability Trends for Nonprofit Organizations,"
http://www.nonprofitrisk.org/nwsltr/archive/nl300_6.htm.
Semantic Enterprise Solutions, "A Comprehensive Risk
Management Guide," June 2000. http://www.itpapers.com/cgi/PSummaryIT.pl?paperid=2348&scid=88.
Vaknin, Sam, "Bright Planet, Deep Web," http://www.trendsiters.com/article1009.html.
Vaknin,
Sam, "Internet: A Medium or a Message? - Part 1," http://samvak.tripod.com/internet.html.
VeriSign, Inc. "Journey to the Right of the Dot:
ICANN's New Web Extensions," white paper, May 9, 2001, http://www.killermarketing.com/final_gtld_5_17.pdf.
Wood, Angus, "Integrating Risk Assessment into the
Enterprise Information Management Strategy," presented at the 6th
International Pipeline Reliability Conference, November 19-22, 1996, Houston,
Texas, http://www.itpapers.com/cgi/PSummaryIT.pl?paperid=8433&scid=88.
|
