2 works on record
Securing an IT Organization Through Governance, Risk Management, and Audit
Complete Guide to Cybersecurity Risks and Controls