THE ORGANIZATIONAL PRINCIPLES OF INFORMATION PROTECTION MANAGEMENT SYSTEM REALIZATION
Journal: MEST Journal (Vol.7, No. 2)Publication Date: 2019-07-15
Authors : Valeryi Sereda Zinaida Zhyvko Olga Balynska Taras Rudyi.;
Page : 73-78
Keywords : information; regulatory framework; the legislation of Ukraine; management system; security system; international standard; risk; safety; protection; management of information.;
Abstract
In the modern world, information protection is a driving force at the state level. Therefore, it is necessary to effectively form the system of control of information protection following international standards. The objective of the paper is an explanation of the importance of aligning of the existing regulatory framework with the requirements of the international ISO/IEC standards for the development of information security policy and risk assessment in information protection. In the paper, there are discussed protection (information technology and management of the use of information security management system), and security (for information technology, security techniques, requirements for audit and certification bodies, information protection). The management of information flows between users, processes, and objects' needs to be carried out only by specially authorized users (administrators). The article clarifies that the existing regulatory framework should be substantially changed because it does not specify requirements for the development of information security policies and information protection (IP) risk assessment. Four basic security criteria are presented: accessibility, integrity, confidentiality, and observation. In conclusions, there is proposed adoption of ISO/IES standards series 27000 to get an opportunity to legally participate in the state or private certification of technical systems for information protection (TZI) or develop their own qualitatively new security standards and policies.
Other Latest Articles
- POSTCRISIS FINANCIAL MANAGEMENT OF THE EUROPEAN UNION
- EFFICIENCY OF BUDGET EXPENDITURES IN RUSSIA AND NORWAY
- THE FIVE STAGES OF BUSINESS PROCESS MANAGEMENT MATURITY MODEL
- RESEARCH ON CONSTRUCTION OF NINGBO NATIONAL TECHNOLOGY TRANSFER DEMONSTRATION PLOT WITH CEE FEATURE
- CRITICAL INFRASTRUCTURE PROTECTION SPECIFICATIONS IN THE TRANSPORT SECTOR
Last modified: 2019-07-15 20:40:59