@misc{25031,
  author = {Shirley Radack},
  title = {Recommended Security Controls for Federal Information Systems: Guidance for Selecting Cost-Effective Controls Using a Risk-Based Approach},
  year = {2005},
  month = {2005-05-01},
  publisher = {ITL Bulletin, National Institute of Standards and Technology, Gaithersburg, MD},
  url = {https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=150229},
  language = {en},
}