Analysis of frameworks / methods for information security risk management
Master Thesis
Author
Chandrinos, Theodoros Alexandros
Χανδρινός, Θεόδωρος Αλέξανδρος
Date
2023-05-04
Supervisor
Gritzalis, Stefanos
Γκρίτζαλης, Στέφανος
Keywords
Frameworks ; Methods ; Information security risk management
Abstract
This thesis presents the outcomes of research and analysis of cybersecurity Risk Management (RM) frameworks/methodologies and software tools with the purpose of evaluation and comparison on specific criteria. The identification of the most prominent RM frameworks/methodologies and software tools was based on a systematic survey of related risk management approaches used in various contexts, but mainly in the IT industry. The identified collection of frameworks and methodologies includes well-known and widely used RM standards that provide high-level guidelines for risk management processes applicable in all types of organizations. Additionally, more structured methodologies are identified that follow specific phases or steps to implement RM processes. The main characteristics and features of each identified RM framework and methodology are described. Likewise, all the software tools described in this paper are well-known and widely used by all kinds of industries and organizations. Based on this analysis, we set the evaluation criteria and rate each one of these criteria for every RM framework described, with the purpose of comparing them in order to provide the community with a solid and documented result to help them choose the most suitable RM framework/methodology and software tool based on their needs and purposes.