А. Г. Корченко and С. В. Казмирчук, “The qualitative and quantitative method of information security risk assessment”, Zahist ìnf., vol. 18, no. 2, pp. 157–170, May 2016.