{"title":"Review of Cybersecurity Audit Management and Execution Approaches","authors":"Khairun Nisyak Zakaria, S. H. Othman, A. Zainal","doi":"10.1109/ICRIIS48246.2019.9073641","DOIUrl":null,"url":null,"abstract":"The management and execution of good cybersecurity audits help organizations to strengthen their cybersecurity operations by detecting and mitigating cyberattacks and threats from attacking and destroying organizational assets based on the result of audit findings. However, the objectives of this audit cannot be fully achieved because of the various problems prevalent in audit management and execution. This paper aims to review issues that motivate the research of cybersecurity audit and the approaches to manage and execute it. Previous works in this area of interest are discussed by classifying and analyzing the current approaches. Models, scopes, strengths and limitations are studied and the most effective and accurate synthesis that can improve the quality of cybersecurity audits is highlighted. Various approaches to manage and execute cybersecurity audit with their objectives and advantages are classified. From this literature review, it is clear that cybersecurity audits can be improved by addressing the highlighted issues and create a well-rounded approach to improve the management and execution of auditing. Timeliness, accuracy and measurement in regards of cybersecurity auditing are not included in this review and shall be discussed in future study as they have significant impact on the audits.","PeriodicalId":294556,"journal":{"name":"2019 6th International Conference on Research and Innovation in Information Systems (ICRIIS)","volume":"13 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2019-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2019 6th International Conference on Research and Innovation in Information Systems (ICRIIS)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICRIIS48246.2019.9073641","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 3
Abstract
The management and execution of good cybersecurity audits help organizations to strengthen their cybersecurity operations by detecting and mitigating cyberattacks and threats from attacking and destroying organizational assets based on the result of audit findings. However, the objectives of this audit cannot be fully achieved because of the various problems prevalent in audit management and execution. This paper aims to review issues that motivate the research of cybersecurity audit and the approaches to manage and execute it. Previous works in this area of interest are discussed by classifying and analyzing the current approaches. Models, scopes, strengths and limitations are studied and the most effective and accurate synthesis that can improve the quality of cybersecurity audits is highlighted. Various approaches to manage and execute cybersecurity audit with their objectives and advantages are classified. From this literature review, it is clear that cybersecurity audits can be improved by addressing the highlighted issues and create a well-rounded approach to improve the management and execution of auditing. Timeliness, accuracy and measurement in regards of cybersecurity auditing are not included in this review and shall be discussed in future study as they have significant impact on the audits.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
