Method for Conducting Systematic Literature Review (SLR) for Cyber Risk Assessment

Authors

  • Zahari Mohd Amin, Senior Lecturer, Faculty of Information Management, UiTM Selangor, Shah Alam, Malaysia
  • Norizan Anwar, Senior Manager, Malaysia Airports Holding Berhad, KLIA, Sepang, Selangor, Malaysia
  • Mohd Shamsul Mohd Shoid, Senior Lecturer, Faculty of Information Management, UiTM Selangor, Shah Alam, Malaysia
  • Suzaliana Samuri, Senior Manager, Malaysia Airports Holding Berhad, KLIA, Sepang, Selangor, Malaysia

DOI:

https://doi.org/10.21834/ebpj.v7iSI10.4130

Keywords:

Systematic Literature Review, Cyber Risk Assessment, Risk Management

Abstract

This paper presents a method for conducting a systematic literature review (SLR) on cyber risk assessment. The SLR followed a three-stage systematic review process: planning, conducting, and reporting the review. Results were screened by applying inclusion and exclusion criteria, with EndNote software and the PRISMA flow diagram used as tools during this screening process. This SLR method provides a systematic and in-depth way to arrive at an accurate and precise count of the literature. It would be useful for researchers to have a new way of finding literature apart from the traditional literature review.

Published

2022-11-30

How to Cite

Amin, Z. M., Anwar, N., Mohd Shoid, M. S., & Samuri, S. (2022). Method for Conducting Systematic Literature Review (SLR) for Cyber Risk Assessment. Environment-Behaviour Proceedings Journal, 7(SI10), 255–260. https://doi.org/10.21834/ebpj.v7iSI10.4130