scholarly journals AUDIT OF INFORMATION SECURITY IS THE BASIS OF EFFECTIVE PROTECTION OF THE ENTERPRISE

2018 ◽  
pp. 86-93 ◽  
Author(s):  
Yanina Vl. Roy ◽  
Nataliia P. Mazur ◽  
Pavlo M. Skladannyi
Keyword(s):  
Information Security ◽  
Subject Area ◽  
Modern Concept ◽  
Optimal Management ◽  
Cycle Model ◽  
Security Audit ◽  
Management Decisions ◽  
Effective Protection ◽  
Current Information ◽  
Audit Cycle

The article considers the concept of audit of information security in the organization, its types and main stages are given. In general, security audit, regardless of the form of its conduct, consists of four main stages, each of which carries out a certain range of work. The article outlines the main steps in the organization of the process of conducting information security audit within the framework of business audit as a modern concept for audit in general. The features of each of the indicated stages are disclosed, and recommendations for their implementation are given. The result of the proposed approach to the audit of information security is a comprehensive audit cycle model within the framework of business auditing, which allows carrying out studies of the specified subject area, which serves as the basis for preparing information for making optimal management decisions. Reducing the risk through additional organizational and technical means of protection, which reduce the likelihood of an attack or reduce the possible damage from it. The above information will allow you to assess the current information security of your company and make a decision to conduct an audit.

Determination of the weight of audit evidence by the method of point ratings in the information security audit

2020 ◽  
Vol 7 (1) ◽  
pp. 57-62
Author(s):  
Vladislav A. Voevodin ◽  
◽  
Maria S. Markina ◽  
Pavel V. Markin ◽  
◽  
...  
Keyword(s):  
Information Security ◽  
Security Audit ◽  
Audit Evidence

REGULATORY AND LEGAL SUPPORT OF INFORMATION SECURITY IN UKRAINE

2017 ◽  
Author(s):  
Oleksandr Malashko ◽  
◽  
Serhii Yesimov ◽  
Keyword(s):  
European Union ◽  
Information Security ◽  
National Security ◽  
Legal Regulation ◽  
The European Union ◽  
Basic Principles ◽  
Association Agreement ◽  
Legal Information ◽  
Current Information ◽  
Initial Stage

The article examines trends in the development of legal regulation of information security in Ukraine in the context of the implementation of the Association Agreement between Ukraine and the European Union. The current information legislation and regulations on information security are analyzed. The tendencies in the legal regulation of information security that took place at the initial stage of the formation of information legislation are revealed. Based on the factors that took place before the adoption of the Doctrine of information security of Ukraine, the laws of Ukraine “On the basic principles of ensuring the cybersecurity of Ukraine”, “On the national security of Ukraine”, in the context of the current legislation, based on the methodology of legal forecasting, it is concluded that in the future the development of normative legal information security will be developed on the basis of by-laws, mainly at the departmental level.

A Review of Security of Electronic Health Records

2005 ◽  
Vol 34 (1) ◽  
pp. 13-18 ◽  
Author(s):  
Khin Than Win
Keyword(s):  
Information Security ◽  
Electronic Health Records ◽  
Research Question ◽  
Health Records ◽  
Security Technologies ◽  
Current Information ◽  
Electronic Health

The objective of this study is to answer the research question, ‘Are current information security technologies adequate for electronic health records (EHRs)?’ In order to achieve this, the following matters have been addressed in this article: (i) What is information security in the context of EHRs? (ii) Why is information security important for EHRs? and (iii) What are the current technologies for information security available to EHRs? It is concluded that current EHR security technologies are inadequate and urgently require improvement. Further study regarding information security of EHRs is indicated.

scholarly journals ISSUES OF AUTOMATION OF THE AUDIT IN ACCORDANCE WITH GOST R 57580.2-2018

2021 ◽  
Vol 6 ◽  
pp. 268-275
Author(s):  
Anastasia V. Sitskaya ◽  
Valeria A. Tabakaeva ◽  
Valentin V. Selifanov
Keyword(s):  
Information Security ◽  
Financial Market ◽  
Quantitative Assessment ◽  
Modern World ◽  
Security Audit ◽  
Huge Amount ◽  
Timely Manner ◽  
Qualitative And Quantitative ◽  
Entire Country ◽  
Individual Client

The modern world can be characterized by a huge amount of information and computerization of all spheres of human activity. But one of the most valuable information can be considered the information that concerns financial organizations. There are incidents of information security in financial organizations that can lead not only to the violation of the interests of an individual client, but also to the crisis of the financial market of the entire country. Information security audit allows you to detect violations in the organization's information system in a timely manner, which significantly increases the security of information. Often, timely and rapid receipt of a qualitative and quantitative assessment of the level of security allows you to avoid an incident. To improve the accuracy of estimates and reduce the time of their receipt, the application "Audit57580" was developed, the relevance of which is discussed in detail in the article.

scholarly journals Developing a procedure for conducting a security audit of a software package for predicting storage system failures

2018 ◽  
Vol 245 ◽  
pp. 10007 ◽  
Author(s):  
Marina Bolsunovskaya ◽  
Svetlana Shirokova ◽  
Aleksandra Loginova ◽  
Mikhail Uspenskij
Keyword(s):  
Information Security ◽  
Data Storage ◽  
Software Package ◽  
Storage Systems ◽  
Storage System ◽  
Current Situation ◽  
Security Audit ◽  
System Failures ◽  
Audit System ◽  
Software And Hardware

The aim of the work is to develop a procedure for conducting an information security audit of the software system for predicting data storage failures in order to identify existing threats to information security, evaluate information security tools, and improve the efficiency of existing information security tools and introduce new ones. It is necessary to monitor the current situation to ensure information security in organizations where data storage systems are used. For this purpose, an audit system has been developed, including both organizational measures and software and hardware parts.

The Social Side of Security

2011 ◽  
pp. 140-150 ◽  
Author(s):  
Richard G. Taylor
Keyword(s):  
Social Issue ◽  
Information Systems ◽  
Information Security ◽  
New Technologies ◽  
Security Threats ◽  
Current Information ◽  
New Methods ◽  
The Social ◽  
Organizational Information ◽  
Social Side

The introduction of new technologies to accumulate large amounts of data has resulted in the need for new methods to secure organizational information. Current information security strategies tend to focus on a technology-based approach to securing information. However, this technology-based approach can leave an organization vulnerable to information security threats. Organizations must realize that information security is not necessarily a technology issue, but rather a social issue. Humans operate, maintain, and use information systems. Their actions, whether intentional or accidental, are the real threat to organizations. Information security strategies must be developed to address the social issue.

Sign in / Sign up

Export Citation Format

Share Document