Information security factors systematization

Authors

DOI:

https://doi.org/10.15587/2312-8372.2015.51111

Keywords:

information security, system of factors, external and internal context, risk

Abstract

In this article the necessity of solving the theoretical and practical task, aimed on development the methodological basis for elaboration and implementation of information security management system, has been considered. Based on research results of scientific works and the requirements in the field of information security management the universal multilevel system of information security factors of organizations (enterprises) in the wood properties form was offered by using quality control theory and causal analysis. This system allows: to arrange factors in homogeneous characteristics; to demarcate the threats of the organization in the information security field by external and internal context; to determine the nature of the threats; to ensure the development of methodological fundamentals of creation and implementation the information security management system based on the integrated management system. The proposed system can be used as a tool for evaluation and/or reduction of information risks in organizations of various types, kinds and governance forms.

Author Biographies

Вадим Николавевич Янченко, Sumy State University, 2, Rymskogo-Korsakova st., 40007, Sumy

Postgraduate

Department of manufacturing engineering, machines and tools

Александр Владимирович Ивченко, Sumy State University, 2, Rymskogo-Korsakova st., 40007, Sumy

Candidate of Technical Sciences, Assistant Professor

Department of manufacturing engineering, machines and tools

Вильям Александрович Залога, Sumy State University, 2, Rymskogo-Korsakova st., 40007, Sumy

Doctor of Technical Sciences, Professor, Head of the Department

Department of manufacturing engineering, machines and tools

Оксана Дмитриевна Дынник, Sumy State University, 2, Rymskogo-Korsakova st., 40007, Sumy

Candidate of Technical Sciences, Assistant Professor

Department of manufacturing engineering, machines and tools

References

  1. Romanenko, Е. А., Timofeev, D. S. (2015). Metodu obychenia personala po voprosa, informacionnoy bezopasnocti. Available: http://ir.nmu.org.ua/bitstream/handle/123456789/1667/14.pdf. Last accessed 18.01.2015.
  2. Smith, L. R. (2004). The Triple Bottom (Top) Line. Quality Progress, 37 (2), 23.
  3. Ivchenko, А. V., Stypin, B. А., Ianchenko, V. N., Nagornayа, Т. U. (2014). Sovremennoe sostoyanie i pyti razvitiya normativnogo obespecheniya informacionnoy bezopasnosti. 4-y МNPК «Tehnika i tehnologii: pyti innovacionnogo razvitiya». Kyrsk: Ugo-Zapadnuy gosydarstvennuy yniversitet, 124–129.
  4. Galatenko, V. A.; In: Betelin, V. B. (2006). Osnovy informatsionnoi bezopasnosti. M.: Internet-universitet informatsionnyh tehnologii, 208.
  5. Andrianov, V. V. (2011). Obecpechenie informacionnoy bezopasnosti biznesa. Available: http://bezopasnik.org/article/book/andrianov_infobez_biz_2011.pdf. Last accessed 28.02.2015.
  6. Agmehamedov, I. М. (2012). Dinamicheskay nechetnaya kognetivnaya model ocenki yrovnya bezopasnosti informacionnyh aktivov vyza. Vestnik АGТУ. Ser.: Upravlenie, vuchislitelynaya tehnika i informatika, 2, 137–142.
  7. Agmehamedov, I. М., Protalinskiy, О. М. (2009). Informacionnaya bezopasnost korporativnoy seti vyza. Datchiki i sistemy, 5, 3–7.
  8. Koncepciya obespecheniya иinformacionnoy bezopasnosti. Available: http://securitypolicy.ru/index.php/Концепция_обеспечения_информационной_безопасности_предприятия. Last accessed 28.02.2015.
  9. Armenskiy, А. Е., Gysev, V. S., Petrov, А. Е., Shlenov, U. V. (2003). Informacionnaya i ekonomichesjaya bezopasnost gosydarstva. М.: Mobile, 143.
  10. GOST R 51275-99. Obekt informatizacii. Faktoru, vozdeystvyyshie na informaciy. (1999). Applied from 2000-01-01. М.: Standartinform, 12.
  11. GОST R ISO/МEК 31010-2011. Menedgment riska. Metody ocenki riska (ISO/IEC 31010:2009). (2012). Applied from 2011-12-01. М.: Standartinform, 74.
  12. Azgaldov, G. G. (1989). Kvalimetriya v arhitektyrno-stroitelnom proektirovanii. М.: Stroyizdat, 198.
  13. GOST R ISO 31000-2010. Menedgment riska. Princupu i rekovodstvo (ISO 31000:2009). (2012). Applied from 2011-09-01. М.: Standartinform, 25.
  14. Radzab, Z. М., Zaloga, V. А., Ivchenko, А. V. (2012). Issledovanie vzaimodeystviya mezdynarodnuh yniversalnuh standartov pry sozdanii integrirovannuh system menedgmenta. Modern Technologies of Engineering, 7, 315–332.

Published

2015-09-22

How to Cite

Янченко, В. Н., Ивченко, А. В., Залога, В. А., & Дынник, О. Д. (2015). Information security factors systematization. Technology Audit and Production Reserves, 5(6(25), 30–35. https://doi.org/10.15587/2312-8372.2015.51111