“…A review of the literature certainly indicates this position is shared by others, as the use of a security engineering methodology during system development has been advocated for quite some time (Davis, 2004;Grance, Hash, & Stevens, 2004;Jei, Bae, Choi, & Lee, 2006;Levine, 2002;Lim & Carastan, 2004;McAllister, 2002;Singleton, 2007;Snyder, 2002;Stoneburner, Hayden, & Feringa, 2004;Weiss, Moore, & Robbins, 1996). Davis (2004), for example, states the case for ISSE as follows:…”