THE ORGANIZATIONAL PRINCIPLES OF INFORMATION PROTECTION MANAGEMENT SYSTEM REALIZATION
Journal Title: MEST Journal - Year 2019, Vol 0, Issue 2
Abstract
In the modern world, information protection is a driving force at the state level. Therefore, it is necessary to effectively form the system of control of information protection following international standards. The objective of the paper is an explanation of the importance of aligning of the existing regulatory framework with the requirements of the international ISO/IEC standards for the development of information security policy and risk assessment in information protection. In the paper, there are discussed protection (information technology and management of the use of information security management system), and security (for information technology, security techniques, requirements for audit and certification bodies, information protection). The management of information flows between users, processes, and objects’ needs to be carried out only by specially authorized users (administrators). The article clarifies that the existing regulatory framework should be substantially changed because it does not specify requirements for the development of information security policies and information protection (IP) risk assessment. Four basic security criteria are presented: accessibility, integrity, confidentiality, and observation. In conclusions, there is proposed adoption of ISO/IES standards series 27000 to get an opportunity to legally participate in the state or private certification of technical systems for information protection (TZI) or develop their own qualitatively new security standards and policies.
Authors and Affiliations
Valeryi Sereda, Zinaida Zhyvko, Olga Balynska, Taras Rudyi
Keywords
Related Articles
- EP ID EP604075
- DOI 10.12709/mest.07.07.02.09
- Views 94
- Downloads 0
ADJUSTING GENERAL ELECTRIC MULTIFACTOR PORTFOLIO MODEL FOR FUZZY ANALYSIS OF SBUS PERFORMANCES
Traditional General Electric Multifactor portfolio model is designed to serve as a strategic tool for analyzing strategic business units (SBUs) in diversified organizations and it can be used for optimally allocating res...
INTELLIGENT ORGANIZATIONS IN DIGITAL AGE - CASE STUDY OF SMES IN POLAND
Business in the 21st century is being redefined by a data-driven revolution. Small and medium enterprises (SMEs) play an essential role in the global economic growth. The share of the Polish SME sector in GNP has been at...
IMPLEMENTATION OF COMPETITION LAW. ECONOMIC CONCENTRATIONS - CASE STUDIES IN THE PRACTICE OF THE REPUBLIC OF MOLDOVA
Maintaining a normal competitive environment is the basis of competition policy. The process of identification, analysis and sanctioning of law breaches is very complex. During this process, there are identified the part...
THEORETICAL APPROACHES TO UNDERSTANDING THE NATURE OF THE CASH FLOWS OF COMPANIES
The article deals with theoretical approaches to understanding the nature of the cash flows of companies. The question of determining the economic nature of the cash flows is extremely important both in theoretical and p...
PROJECT FINANCE AS A FORM OF FINANCIAL MANAGEMENT IN RUSSIAN AGRICULTURE
Now there is a need for use of new instruments of financing of agro-industrial production as the existing mechanisms of crediting and subsidizing of interest rates are represented insufficiently effective. The agricultur...