ID | Year | Ref | Focused | Collected Components |
1 | 2014 | [15] | ANSI/API Security Risk Assessment methods were examined for developing proactive security postures by using risk-based performance metrics as part of this study. | Characterization, threat assessment, vulnerability assessment, risk evaluation, risk treatment |
2 | 2014 | [17] | In this paper, the authors provided a framework for defining a model for formulating, implementing, and enforcing policies related to information security in an organization. | policy formulation, policy implementation, policy enforcement, and policy monitoring. |