Information security audit

Authors

DOI:

https://doi.org/10.31498/2225-6725.40.2024.315807

Keywords:

information security, information technology, enterprises, information and telecommunication system, audit

Abstract

The article defines that information security auditing aims to identify and assess potential issues and vulnerabilities in the operation of an enterprise's information systems. The essence and scope of different types of information security audits for enterprises are explored. A sequence for conducting an information security audit is proposed, highlighting its stages, each aimed at ensuring the protection of the enterprise's information system from unauthorized access while maintaining business continuity.

References

  1. Roj Ja. V., Audyt informacijnoji bezpeky - osnova efektyvnogho zakhystu pidpryjemstva / Ja. V. Roj, N. P. Mazur, P. M. Skladannyj // Kiberbezpeka: osvita, nauka, tekhnika. – 2018. – № 1. – S. 86-93. – Access mode: http://nbuv.gov.ua/UJRN/cest_2018_1_11
  2. Judin O. K. Suchasni praktyky vprovadzhennja systemy audytu informacijnoji bezpeky na ob'jektakh krytychnoji infrastruktury / O. K. Judin, R. V. Zjubina, O. V. Matvijchuk-Judina // Naukojemni tekhnologhiji. – 2019. – # 1. – S. 36-43. – Access mode: http://nbuv.gov.ua/UJRN/Nt_2019_1_7
  3. Kryvoruchko O. V. Modeljuvannja informacijnoji systemy provedennja nezalezhnogho audytu informacijnoji bezpeky / O. V. Kryvoruchko, A. M. Desjatko, O. M. Sunichuk // Upravlinnja rozvytkom skladnykh system. – 2020. – Vyp. 43. – S. 67-75. – Access mode: http://nbuv.gov.ua/UJRN/Urss_2020_43_12
  4. DSTU ISO/IEC 27001:2014 Informacijni tekhnologhiji. Metody bezpeky. Systemy menedzhmentu informacijnoju bezpekoju. Vymoghy (ISO/IEC 27001:2013;ISO/IEC 27001:2013/Cor 1:2014;IDT)
  5. DSTU ISO / IEC: 17799 «Informacijni tekhnologhiji. Upravlinnja informacijnoju bezpekoju».
  6. DSTU ISO/IEC 27001:2015 Informacijni tekhnologhiji. Metody zakhystu. Systemy upravlinnja informacijnoju bezpekoju. Vymoghy (ISO/IEC 27001:2013; Cor 1:2014, IDT)
  7. DSTU 3396.1-96 Zakhyst informaciji. Tekhnichnyj zakhyst informaciji. Porjadok provedennja robit.

Downloads

Published

2024-11-21

How to Cite

Khadzhynova, O., & Khadzhynova, M. (2024). Information security audit. REPORTER OF THE PRIAZOVSKYI STATE TECHNICAL UNIVERSITY Section: Economic Sciences, 1(40), 9–19. https://doi.org/10.31498/2225-6725.40.2024.315807

Issue

Vol. 1 No. 40 (2024): REPORTER OF THE PSTU. Section: Economic sciences

Section

Статті

License

Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.

The journal uses the Creative Commons Attribution 4.0 International (CC BY 4.0) licence, which means that the authors retain copyright and allow others to freely use, modify, adapt, distribute articles; even for commercial purposes - provided that the authorship and source are indicated. Full text of the licence: https://creativecommons.org/licenses/by/4.0/deed.uk.