Discovering the variables of cyber risk assessment through a systematic literature review

This paper presents a working process in discovering the processes involved in cyber risk assessment by using systematic literature review (SLR). Cyber risk assessment is part of the risk management process of cyber security. Various approaches were used in assessing cyber risk; thus, this research tends to discover the process usually involved in the assessment part of risk management. The objectives are to discover related literature through the SLR and to identify variables used in assessing risk. A three-staged systematic review was used in this SLR which is planning, conducting, and reporting the review. The finding shows the variables discovered in each process of assessment. The finding also shows that traditional processes of identification, analysis and evaluation are still widely used in assessing risk. A framework was produced based on the process and variables found. This research would help to give a clear overview of how cyber risk assessment usually being conducted and can be a good guideline at the assessing part of risk management.