
APC

0,00 Dollars
doaj

License and Use

Open Access

Citations

3

Analysis of institutional authors

Sanchez-Garcia I.D. (Author); San Feliu T. (Author); Calvo-Manzano J.A. (Author)

December 19, 2024
Gold

Cybersecurity Risk Audit: Literature Review, Proposal, and Application; [Auditoría de riesgos de ciberseguridad: Revisión de Literatura, propuesta y aplicación]

Published in: RISTI - Revista Iberica de Sistemas e Tecnologias de Informacao. 2024 (E53): 69-87 - 2024-01-01, DOI: 10.17013/risti.53.69-87

Authors:

Sanchez-Garcia ID; Rea-Guaman AM; San Feliu T; Calvo-Manzano JA

Affiliations

Universidad de las Fuerzas Armadas – ESPE; Departamento de Ciencias de la Computación Sangolquí; Ecuador - Author
Universidad Politécnica de Madrid; ETS Ingenieros Informáticos; Madrid; Spain - Author

Abstract

One of the stages of cybersecurity risk management is monitoring and review. This stage is part of the continuous improvement process of a cybersecurity risk management system. This article aims to conduct an exploration of a cybersecurity risk audit guide by referencing common objectives and guidelines of cybersecurity risk auditing. To do so, a Systematic Literature Review (SLR) was conducted considering studies from the last ten years (2012-2022), from which 23 studies mentioning cybersecurity risk audit objectives and guidelines were identified. Additionally, attributes to be considered for the creation of a cybersecurity risk guide were proposed. Finally, an application and validation of the identified parameters in the previously mentioned studies are presented. © 2024, Associacao Iberica de Sistemas e Tecnologias de Informacao. All rights reserved.

Quality index

Bibliometric impact. Analysis of the contribution and dissemination channel

The work was published in the journal RISTI - Revista Iberica de Sistemas e Tecnologias de Informacao, ranked Q4 by Scopus (SJR). Its regional focus and specialization in Computer Science (Miscellaneous) give it significant recognition in a specific niche of scientific knowledge at an international level.

Regardless of the expected impact determined by the dissemination channel, it is important to highlight the actual observed impact of the contribution itself.

According to the different indexing agencies, the number of citations accumulated by this publication as of 2026-04-25:

  • Scopus: 2

Impact and social visibility

From the perspective of influence or social adoption, and based on metrics associated with mentions and interactions provided by agencies specializing in calculating the so-called "Alternative or Social Metrics," we can highlight as of 2026-04-25:

  • The use of this contribution in bookmarks, code forks, additions to favorite lists for recurrent reading, as well as general views, indicates that someone is using the publication as a basis for their current work. This may be a notable indicator of future more formal and academic citations. This claim is supported by the result of the "Capture" indicator, which yields a total of: 37 (PlumX).

With a more dissemination-oriented intent and targeting more general audiences, we can observe other more global scores such as:

    It is essential to present evidence supporting full alignment with institutional principles and guidelines on Open Science and the Conservation and Dissemination of Intellectual Heritage. A clear example of this is:

    • The work has been submitted to a journal whose editorial policy allows Open Access publication.
    • Assignment of a Handle/URN as an identifier within the deposit in the Institutional Repository: https://oa.upm.es/89219/

    As a result of the publication of the work in the institutional repository, statistical usage data has been obtained that reflects its impact. In terms of dissemination, we can state that, as of

    • Views: 199
    • Downloads: 109

    Leadership analysis of institutional authors

    This work has been carried out with international collaboration, specifically with researchers from: Ecuador.

    There is a significant leadership presence, as some of the institution’s authors appear as the first or last signer, detailed as follows: First Author (SANCHEZ GARCIA, ISAAC DANIEL).


    Project objectives

    The objectives pursued in this contribution are: to analyze the common guidelines and objectives in cybersecurity risk audits through a systematic literature review of the last ten years (2012-2022); to identify and select 23 relevant studies that address these objectives and guidelines; to propose specific attributes for the creation of a cybersecurity risk audit guide; and to apply and validate the parameters identified in the selected studies, thereby contributing to continuous improvement in cybersecurity risk management.

    Most relevant results

    The study presents a systematic literature review on cybersecurity risk audits, covering research published between 2012 and 2022. It identified 23 studies that mention common objectives and guidelines for cybersecurity risk auditing. Specific attributes were proposed for the development of a cybersecurity risk audit guide. Finally, the parameters identified in the analyzed studies were applied and validated, demonstrating the feasibility and relevance of the proposal in the current risk management context.