ID

Year

Ref

Existing Components

CSRAM

Components

1

2014

[15]

Characterization, threat assessment, vulnerability assessment, risk evaluation, risk treatment

þ

2

2014

[17]

policy formulation, policy implementation, policy enforcement, and policy monitoring.

þ

3

2016

[18]

Establish information security policy development team, determine the security needs of the organisation, compiling the security policy document, and the implementation and maintenance stage

þ

4

2017

[19]

Policy Initiation, Policy Drafting, Policy Implementation, Policy Review, and Policy Maintenance

þ

5

2017

[20]

information security; policy; decision making

þ

6

2018

[21]

Cyber Security, Cyber Security Policy, Implementation

þ

7

2018

[22]

Cybersecurity, assess threats

þ

8

2018

[65]

Construct, Construct, Compliance, Information Security Practice Behaviours

þ

9

2022

[4]

Risk identification, risk assessment, risk control, risk monitoring and response, and risk communication

þ

10

2022

[23]

Monitoring, Measurement, Compliance, Information security controls

þ

11

2023

[16]

Information security risk assessment, implementation of security controls, monitoring, and review

þ

12

2023

[70]

Internet of Things, Cybersecurity, Firmware, Entropy, Hardcoded, Attack Vector

þ

13

2023

[70]

Security assessment, Decision tree, Copula functions, Machine learning

þ

14

2023

[24]

Information security, Policy, Decision making

þ

15

2023

[25]

Information security assessment, Security assessment, Fuzzy theory, Smart grid

þ