Method for Conducting Systematic Literature Review (SLR) for Cyber Risk Assessment
DOI:
https://doi.org/10.21834/ebpj.v7iSI10.4130
Keywords:
Systematic Literature Review, Cyber Risk Assessment, Risk Management
Abstract
This paper presents a method for conducting a systematic literature review (SLR) on cyber risk assessment. The SLR used a three-stage systematic review: planning, conducting, and reporting the review. Results were screened by applying inclusion and exclusion criteria. EndNote software and the PRISMA flow diagram were used as tools during this screening process. This SLR method offers a systematic and in-depth way to arrive at an accurate and precise count of the literature. It would be useful for researchers to have a new way of finding literature apart from the traditional literature review.
License
Copyright (c) 2022 Zahari Mohd Amin, Norizan Anwar, Mohd Shamsul Mohd Shoid, Suzaliana Samuri
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.