Information security factors systematization

Authors

DOI:

https://doi.org/10.15587/2312-8372.2015.51111

Keywords:

information security, system of factors, external and internal context, risk

Abstract

In this article the necessity of solving the theoretical and practical task, aimed on development the methodological basis for elaboration and implementation of information security management system, has been considered. Based on research results of scientific works and the requirements in the field of information security management the universal multilevel system of information security factors of organizations (enterprises) in the wood properties form was offered by using quality control theory and causal analysis. This system allows: to arrange factors in homogeneous characteristics; to demarcate the threats of the organization in the information security field by external and internal context; to determine the nature of the threats; to ensure the development of methodological fundamentals of creation and implementation the information security management system based on the integrated management system. The proposed system can be used as a tool for evaluation and/or reduction of information risks in organizations of various types, kinds and governance forms.

Author Biographies

Вадим Николавевич Янченко, Sumy State University, 2, Rymskogo-Korsakova st., 40007, Sumy

Postgraduate

Department of manufacturing engineering, machines and tools

Александр Владимирович Ивченко, Sumy State University, 2, Rymskogo-Korsakova st., 40007, Sumy

Candidate of Technical Sciences, Assistant Professor

Department of manufacturing engineering, machines and tools

Вильям Александрович Залога, Sumy State University, 2, Rymskogo-Korsakova st., 40007, Sumy

Doctor of Technical Sciences, Professor, Head of the Department

Department of manufacturing engineering, machines and tools

Оксана Дмитриевна Дынник, Sumy State University, 2, Rymskogo-Korsakova st., 40007, Sumy

Candidate of Technical Sciences, Assistant Professor

Department of manufacturing engineering, machines and tools

References

  1. Romanenko, Е. А., Timofeev, D. S. (2015). Metodu obychenia personala po voprosa, informacionnoy bezopasnocti. Available: http://ir.nmu.org.ua/bitstream/handle/123456789/1667/14.pdf. Last accessed 18.01.2015.
  2. Smith, L. R. (2004). The Triple Bottom (Top) Line. Quality Progress, 37 (2), 23.
  3. Ivchenko, А. V., Stypin, B. А., Ianchenko, V. N., Nagornayа, Т. U. (2014). Sovremennoe sostoyanie i pyti razvitiya normativnogo obespecheniya informacionnoy bezopasnosti. 4-y МNPК «Tehnika i tehnologii: pyti innovacionnogo razvitiya». Kyrsk: Ugo-Zapadnuy gosydarstvennuy yniversitet, 124–129.
  4. Galatenko, V. A.; In: Betelin, V. B. (2006). Osnovy informatsionnoi bezopasnosti. M.: Internet-universitet informatsionnyh tehnologii, 208.
  5. Andrianov, V. V. (2011). Obecpechenie informacionnoy bezopasnosti biznesa. Available: http://bezopasnik.org/article/book/andrianov_infobez_biz_2011.pdf. Last accessed 28.02.2015.
  6. Agmehamedov, I. М. (2012). Dinamicheskay nechetnaya kognetivnaya model ocenki yrovnya bezopasnosti informacionnyh aktivov vyza. Vestnik АGТУ. Ser.: Upravlenie, vuchislitelynaya tehnika i informatika, 2, 137–142.
  7. Agmehamedov, I. М., Protalinskiy, О. М. (2009). Informacionnaya bezopasnost korporativnoy seti vyza. Datchiki i sistemy, 5, 3–7.
  8. Koncepciya obespecheniya иinformacionnoy bezopasnosti. Available: http://securitypolicy.ru/index.php/Концепция_обеспечения_информационной_безопасности_предприятия. Last accessed 28.02.2015.
  9. Armenskiy, А. Е., Gysev, V. S., Petrov, А. Е., Shlenov, U. V. (2003). Informacionnaya i ekonomichesjaya bezopasnost gosydarstva. М.: Mobile, 143.
  10. GOST R 51275-99. Obekt informatizacii. Faktoru, vozdeystvyyshie na informaciy. (1999). Applied from 2000-01-01. М.: Standartinform, 12.
  11. GОST R ISO/МEК 31010-2011. Menedgment riska. Metody ocenki riska (ISO/IEC 31010:2009). (2012). Applied from 2011-12-01. М.: Standartinform, 74.
  12. Azgaldov, G. G. (1989). Kvalimetriya v arhitektyrno-stroitelnom proektirovanii. М.: Stroyizdat, 198.
  13. GOST R ISO 31000-2010. Menedgment riska. Princupu i rekovodstvo (ISO 31000:2009). (2012). Applied from 2011-09-01. М.: Standartinform, 25.
  14. Radzab, Z. М., Zaloga, V. А., Ivchenko, А. V. (2012). Issledovanie vzaimodeystviya mezdynarodnuh yniversalnuh standartov pry sozdanii integrirovannuh system menedgmenta. Modern Technologies of Engineering, 7, 315–332.

Downloads

Published

2015-09-22

How to Cite

Янченко, В. Н., Ивченко, А. В., Залога, В. А., & Дынник, О. Д. (2015). Information security factors systematization. Technology Audit and Production Reserves, 5(6(25), 30–35. https://doi.org/10.15587/2312-8372.2015.51111

Issue

Vol. 5 No. 6(25) (2015): Fundamental and applied researches: integration into the world scientometric databases

Section

Information technology and control systems

License

Copyright (c) 2016 Вадим Николавевич Янченко, Александр Владимирович Ивченко, Вильям Александрович Залога, Оксана Дмитриевна Дынник

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.

The consolidation and conditions for the transfer of copyright (identification of authorship) is carried out in the License Agreement. In particular, the authors reserve the right to the authorship of their manuscript and transfer the first publication of this work to the journal under the terms of the Creative Commons CC BY license. At the same time, they have the right to conclude on their own additional agreements concerning the non-exclusive distribution of the work in the form in which it was published by this journal, but provided that the link to the first publication of the article in this journal is preserved.