BASIC REQUIREMENTS FOR INFORMATION PROTECTION PLANNING IN INFORMATION AND TELECOMMUNICATION SYSTEMS AT AN ENTERPRISE

Today, the information protection at any enterprise is becoming one of the most urgent tasks because of the extremely wide use of various information processing systems, expansion of local and global computer networks, which transmit huge amounts of commercial information, which is owned by one who would not like any stranger to be acquainted with it. After analyzing scientific publications, we have come to the conclusion that with the increase of information processing in information and telecommunication systems, there is an urgent need to create an information protection service at an enterprise. The activities of the company's information protection service should be planned and regulated by local norms created and approved by the company's management, based on which it is advisable to comply with national legal norms of information security and use the recommendations of ISO 2700 series' international standards. The creation of the information protection service at the enterprise aims at organizational support of the following tasks, such as: planning, management of the complex system of information protection in information and telecommunication systems and control over its functioning. The information protection service must carry out its activities in accordance with the «Information Protection Plan in Information and Telecommunication Systems», calendar, long-term and other work plans approved by the head (deputy head) of the enterprise. The information protection plan in information and telecommunication systems is a set of documents according to which the information protection organization at all stages of the information and telecommunication system life cycle is being carried out. In enterprises where the staffing schedule does not provide for the establishment of an information security service, measures to ensure the information protection in information and telecommunications systems may be carried out by employees appointed by the head of the enterprise' order [4].