Abstract

SANCHEZ-GARCIA, I.D.; REA-GUAMAN, A.M.; FELIU, T. San  and  CALVO-MANZANO, J.A.. Cybersecurity Risk Audit: Literature Review, Proposal, and Application. RISTI [online]. 2024, n.53, pp.69-87.  Epub Apr 30, 2024. ISSN 1646-9895.  https://doi.org/10.17013/risti.53.69-87.

One of the stages of cybersecurity risk management is monitoring and review. This stage is part of the continuous improvement process of a cybersecurity risk management system. This article aims to conduct an exploration of a cybersecurity risk audit guide by referencing common objectives and guidelines of cybersecurity risk auditing. To do so, a Systematic Literature Review (SLR) was conducted considering studies from the last ten years (2012-2022), from which 23 studies mentioning cybersecurity risk audit objectives and guidelines were identified. Additionally, attributes to be considered for the creation of a cybersecurity risk guide were proposed. Finally, an application and validation of the identified parameters in the previously mentioned studies are presented.

Keywords : Cybersecurity Audit; Audit Guide; Assurance; Compliance; Cybersecurity Enhancement, Monitoring; Systematic Literature Review; Implementation.

        · abstract in Spanish     · text in Spanish     · Spanish ( pdf )