THE ORGANIZATIONAL PRINCIPLES OF INFORMATION PROTECTION MANAGEMENT SYSTEM REALIZATION
Journal Title: MEST Journal - Year 2019, Vol 0, Issue 2
Abstract
In the modern world, information protection is a driving force at the state level. Therefore, it is necessary to effectively form the system of control of information protection following international standards. The objective of the paper is an explanation of the importance of aligning of the existing regulatory framework with the requirements of the international ISO/IEC standards for the development of information security policy and risk assessment in information protection. In the paper, there are discussed protection (information technology and management of the use of information security management system), and security (for information technology, security techniques, requirements for audit and certification bodies, information protection). The management of information flows between users, processes, and objects’ needs to be carried out only by specially authorized users (administrators). The article clarifies that the existing regulatory framework should be substantially changed because it does not specify requirements for the development of information security policies and information protection (IP) risk assessment. Four basic security criteria are presented: accessibility, integrity, confidentiality, and observation. In conclusions, there is proposed adoption of ISO/IES standards series 27000 to get an opportunity to legally participate in the state or private certification of technical systems for information protection (TZI) or develop their own qualitatively new security standards and policies.
Authors and Affiliations
Valeryi Sereda, Zinaida Zhyvko, Olga Balynska, Taras Rudyi
Keywords
Related Articles
- EP ID EP604075
- DOI 10.12709/mest.07.07.02.09
- Views 98
- Downloads 0
USE OF TECHNOLOGICAL ERRORS OF EQUIPMENT MANUFACTURING: DIGITAL SOUNDTRACKS AND DIGITAL RECORDING
The article deals with the theoretical bases of creating examination tools for the authenticity of digital soundtracks and identification of digital recording equipment based on a new direction. The purpose of this artic...
ECONOMIC ACTIVITIES INFLUENCE MODELS ON THE TRAFFIC FLOWS IN BULGARIAN SEAPORTS
The article presents analysis, assessment, and simple linear regression models of the basic economic activities impact on the volume of the cargo traffic processed in maritime ports of national importance in the Republic...
ECONOMIC EFFECTS OF DYNAMICS IN MIGRATION PROCESSES
Considerable interstate movements of the labor force are taking place in nowadays world economy due to the reasons of economic and non-economic character. It makes the governments all over the world find mechanisms and t...
COMPETITIVENESS OF SMALL AND MEDIUM ENTERPRISES IN THE BRICS COUNTRIES AND SERBIA
The focus of this study is on the position of BRICS countries (Brazil, Russia, India, China and South Africa) and Serbia in The Global Competitiveness Report for 2017. Constraints related to the public trust in politicia...
MODELING OF OPTIMAL CREDIT STRATEGY OF A PHARMACEUTICAL PRODUCT DISTRIBUTOR WITH DELAY
The activities of pharmaceutical products distribution companies are multifaceted. They establish contacts with producers and consumers, determine the range of prices of medicines, do promotions, hold stocks of pharmaceu...