Purpose of research. The purpose of this study is to assess the possibility of applying the methodology for centralized management of systems and information risks using the example of informatization of public departments of Republic of Tyva in order to optimize the cost of purchasing technical, software and hardware-software means of protecting information, as well as the payroll of maintenance technical personnel.Methods. One of the main research methods is the creation of an experimental model of the mechanism of a single information and computing network, combining various government departments located within the same administrative building, which allows working simultaneously with distributed or centralized applications, databases and other services, as well as centralized information risk management security. The next research method is the analysis and study of the principle of operation of information resources, information systems, databases, and the increase in the number of domain users if they are combined into a single data transfer network. The interaction and effectiveness of personnel, a specialized unit based on one government agency, ensuring the regular functioning of the network and the necessary level of information security for all government departments.Results. As a result, an economic effect is achieved by eliminating the acquisition of duplicate software and hardware information protection, increasing the efficiency of using unified information services, and creating a centralized structural unit that uses risk management tools and makes information security management decisions based on the principles of system analysis , structuring method and expert survey methods. The results of the study have been used in solving problems of improving the information security management system of the authorities of Republic of Tyva.Conclusion. We have developed the original information technology architecture of the information security management system and centralized use of information technologies for the government of Republic of Tyva. The distinctive features of the structure of software tools for the centralized approach are the multi-agent implementation of the control elements of the decision support system and the integration of various types of security management models into a single complex.
Analisis Sistem Manajemen Keamanan Informasi Menggunakan ISO/IEC 27001 : 2013 Serta Rekomendasi Model Sistem Menggunakan Data Flow Diagram pada Direktorat Sistem Informasi Perguruan Tinggi
