Manuscript Title:

A SYSTEMATIC LITERATURE REVIEW ON IT SECURITY STANDARDS FOR HIGHER EDUCATION INSTITUTION

Author:

ALI MOHAMMED ALWAHAIBI, WAN AZLAN BIN WAN HASSA, WAN BASRI WAN ISMAIL, MOHAMMED ALMAMARI

DOI Number:

DOI:10.17605/OSF.IO/F935H

Published : 2022-07-23

About the author(s)

1. ALI MOHAMMED ALWAHAIBI - Universiti Selangor (UNISEL), Bestari Jaya, Malaysia.
2. WAN AZLAN BIN WAN HASSA - Universiti Selangor (UNISEL), Bestari Jaya, Malaysia.
3. WAN BASRI WAN ISMAIL - Universiti Selangor (UNISEL), Bestari Jaya, Malaysia.
4. MOHAMMED ALMAMARI - University of Technology and Applied Sciences, Salalah, Oman.

Abstract

Cybersecurity has taken on a wider role, especially in the present era, due to an increase in high-risk cyberattacks. The primary objective of adopting cybersecurity is to protect organizations and users across environments such as networks, devices, and software. Multiple information security policy compliance models were created to keep cyberattacks at bay. Several IT security standards are available at present in different sectors such as healthcare, education, and various industries. The aim of this Systematic Literature Review (SLR) is to analyze the optimistic model of IT security policy compliance from an educational perspective. The main objective of this research is to find the number of papers published in past years on IT security standards. Several IT security policy compliance models exist, such as COBIT, ISO/IEC 27001, ITIL, NIST, SAS 70, and CMMI. In all, 593 articles were stored in the database, of which 143 were valid articles related to IT security policy standards, whereas the others were duplicates. Of these 143, 63 were full-text open access articles, which were used further to build the SLR. Prior to the research, the SLR captures a detailed comparison of the NIST, ISO 27001 and COBIT IT security policy models, using in particular the PRISMA check methodology, in higher education institutions to reduce the risk of cyberattacks. To support deeper research for the SLR, multiple publication sources were consulted, such as IEEE, Scopus, and ScienceDirect. Additionally, some key points are discussed that analyze the scope, mechanism, and technology used in the respective models. In addition, a brief introduction to various types of IT security policy compliance, such as ISO 27001, NIST, and COBIT, is provided in this SLR. In the results section, a scatter plot is drawn based on the maintained database, which contains the number of published papers and the corresponding year.
The plot helps to give more clarity about the analysis done for the IT security policy compliance models preferred by higher education institutions in past years. Further, future research can be done into IT security policy compliance that will act as a turning point for all researchers in the higher education sector.


Keywords

Cybersecurity, Information Security Policy Compliance in Higher Education, Cybersecurity model, NIST cybersecurity model for education.