THE ORGANIZATIONAL PRINCIPLES OF INFORMATION PROTECTION MANAGEMENT SYSTEM REALIZATION
Journal Title: MEST Journal - Year 2019, Vol 0, Issue 2
Abstract
In the modern world, information protection is a driving force at the state level. Therefore, it is necessary to effectively form the system of control of information protection following international standards. The objective of the paper is an explanation of the importance of aligning of the existing regulatory framework with the requirements of the international ISO/IEC standards for the development of information security policy and risk assessment in information protection. In the paper, there are discussed protection (information technology and management of the use of information security management system), and security (for information technology, security techniques, requirements for audit and certification bodies, information protection). The management of information flows between users, processes, and objects’ needs to be carried out only by specially authorized users (administrators). The article clarifies that the existing regulatory framework should be substantially changed because it does not specify requirements for the development of information security policies and information protection (IP) risk assessment. Four basic security criteria are presented: accessibility, integrity, confidentiality, and observation. In conclusions, there is proposed adoption of ISO/IES standards series 27000 to get an opportunity to legally participate in the state or private certification of technical systems for information protection (TZI) or develop their own qualitatively new security standards and policies.
Authors and Affiliations
Valeryi Sereda, Zinaida Zhyvko, Olga Balynska, Taras Rudyi
Keywords
Related Articles
- EP ID EP604075
- DOI 10.12709/mest.07.07.02.09
- Views 84
- Downloads 0
MASS MIGRATION AND CRISIS MANAGEMENT OF THE PUBLIC ADMINISTRATION OF THE SLOVAK REPUBLIC
Author of this article analyses the current state of a readiness of the crisis management in the public administration of the Slovak Republic to deal with potential crisis situations caused by the massive influx of the i...
PROVISION OF INTERNATIONAL EDUCATIONAL SERVICES BASED ON NUS EXPERIENCE
With increasing competition in the global education sphere, the only way to a decent functioning of the Higher Educational Institutions of Ukraine is to match the high international standards. This cannot be achieved wit...
ADJUSTING GENERAL ELECTRIC MULTIFACTOR PORTFOLIO MODEL FOR FUZZY ANALYSIS OF SBUS PERFORMANCES
Traditional General Electric Multifactor portfolio model is designed to serve as a strategic tool for analyzing strategic business units (SBUs) in diversified organizations and it can be used for optimally allocating res...
THE COMPLEX VIEW FOR STUDY DISCIPLINE CRISIS MANAGEMENT
Many Slovak and Czech Universities offer crisis management studies in some of the crisis management fields. Most of them reduce this study on the civil protection of inhabitants. Crisis management has its applications in...
THE TREATIES OF MAASTRICHT, AMSTERDAM, AND NICE
The Treaty of Maastricht in 1992, along with the following treaties of Amsterdam and Nice, were the consequences of European development in the field of integration. They just were the next logical step after the Single...