Efficiency audit for IT-systems of state management strategic objects
Journal Title: Вісник Житомирського державного технологічного університету. Серія: економіка, управління та адміністрування - Year 2017, Vol 80, Issue 2
Abstract
Hackers’ attacks at the end of 2016 and at the beginning of 2017 р. on governmental information and telecommunication systems, including Ministry of Finance in Ukraine, and State Treasury Department, caused vast delays in budgetary payments. They showed «sensitiveness» and insecurity of governmental institutions for cyber-attacks because of control absence of three main security measures, such as technical limitations for downloading programs, limited use of rights for local administrators, systematical software renewals. International experience shows these security measures of governmental IT-systems have to be the audit subject of state financial control authorities. The base of information technology audit was initiated in the studies of І.К. Drozd, S.V. Іvachnenkova, М.М. Benko, Ju.А. Кuxminskiy, А.V. Мamyshev. Simultaneously, the issue of IT-system state audit was examined in theoretical researches partially because there is no practice of such audit in Ukraine. That is why it is necessary to learn international practice of efficiency audit for IT-systems and world standards for establishments of state management sector. The research allowed to propose the methodology of efficiency audit for IT-systems for state institutions; the methodology provides planning and conducting the main procedures on the base of risk estimation of security threats for information systems. The author determines the peculiarities in security risk management for IT-systems by means of risk estimation of security components of IT-systems while conducting efficiency audit. The author sets the method of descending step-by-step detailing for audit estimation of IT-system risk management efficiency at strategic enterprises belonging to state management sector by means of adaptation of ISSAI standard norms. The paper proposes three possible options of management solution concerning IT-system risk management efficiency on the base of information about the risk levels according to the results of efficiency audit. To document the IT-system efficiency audit results the author develops the standard forms of auditor’s working documents, that is, «Statement about information vulnerability and determining the category of protection», «Estimation of results and threats for activity». The further research of the issue of IT-system efficiency audit is to develop organizational actions as to carrying out the check-ups (by Account Chamber) of IT-system security at strategic enterprises belonging to state management sector.
Authors and Affiliations
V. A. Abasov
Keywords
Related Articles
- EP ID EP273738
- DOI -
- Views 125
- Downloads 0
Institutional forms and state support for innovation and technological modernization of inter-farm and farm facilities in the area of drainage land-reclamation
In the context of approximation of European and domestic legislation and within the framework of the Association Agreement with the European Union, the issue of efficient use of water resources in the agro-industrial com...
Social entrepreneurship as the solution tool of social and economic problems
The article is devoted to the study of the problem concerning the development of social entrepreneurship and the formation of employment policy in Ukraine. In the context of the topic of investigation, the author conduct...
Management strategy of enterprise
The development of market relations, increasing competition result in the accelerated necessity in strategic management as one of the most efficient and progressive means of organization management. The article deals wit...
Public management and administration in the context of protecting its information space
The dominant problem of the formation of effective principles of public administration in Ukraine is the need for its safe functioning as well as on the administrative, program and procedural level. The purpose of the ar...
Main directions and priorities of Ukraine state migration policy in the context of its european integration changes
The exceptional socio-economic importance of migration and its significant impact on the living standards and welfare of the population, labor market, ethnic and religious profile of Ukrainians, cultural and educational...