METHODOLOGICAL APPROACHES TO THE SYSTEM DEVELOPMENT OF THE ENTERPRISE’S INFORMATION SECURITY MANAGEMENT

Information and informational systems, networks in which it operates, are important resources of the enterprise. Their availability, integrity and confidentiality can be of particular importance to ensure the competitiveness of the enterprise, profitability, compliance with legal norms and the enterprise's image. Today's enterprises are not safe from security breaches due to a number of factors. At the same time, due to the increasing dependence of enterprises on informational, communication systems and services, they may become more vulnerable to security breaches. The article studies the theoretical foundations and methodological approaches to information security management of the enterprise. Namely: the essence of the information protection policy has been determined and the main characteristics of information security management have been singled out, the basic principles and processes in information security management have been studied.