ID

Year

Ref

Focused

Collected Components

1

2014

[15]

ANSI/API Security Risk Assessment methods were examined for developing proactive security postures by using risk-based performance metrics as part of this study.

Characterization, threat assessment, vulnerability assessment, risk evaluation, risk treatment

2

2014

[17]

In this paper, the authors provided a framework for defining a model for formulating, implementing, and enforcing policies related to information security in an organization.

policy formulation, policy implementation, policy enforcement, and policy monitoring.