CONCEPTUAL MODEL OF INFORMATION SECURITY AUDITOBJECT
( Pp. 92-95)
More about authors
Voevodin Vladislav A.
kandidat tehnicheskih nauk; docent kafedry informacionnaya bezopasnost
National Research University of Electronic Technology (MIET)
National Research University of Electronic Technology (MIET)
Abstract:
The holder of information to protect the information must identify and manage numerous activities to ensure information security. The efficacy of decisions depends on the completeness, reliability and timeliness of information on the situation of information security, which is extracted in the course of the audit. Currently, the information security audit is carried out on the basis of generalization of empirical knowledge and experience, which are enshrined in practical recommendations and standards. However, the achievements of fundamental science for these purposes are not applied in full, in the absence of theoretical research in this area. The article presents a conceptual model of audit that contains aggregated and detailed diagrams and formal statement of task: conclusion of the audit evidence and the conversion of audit evidence in the audit report. Finally, it provides recommendations for the practical application of the results obtained and directions for further research.
How to Cite:
Voevodin V.A., (2019), CONCEPTUAL MODEL OF INFORMATION SECURITY AUDITOBJECT. Computational Nanotechnology, 3 => 92-95.
Reference list:
Programma TSifrovaya ekonomika Rossiyskoy Federatsii . Utv. rasporyazheniem Pravitel stva Rossiyskoy Federatsii ot 28 iyulya 2017 g. № 1632-r. URL: http://static.government.ru/ media/files/9gFM4FHj4PsB79I5v7yLVuPgu4bvR7M0.pdf
Federal nyy zakon ot 27 iyulya 2006 g. № 149-FZ Ob informatsii, informatsionnykh tekhnologiyakh i o zashchite informatsii . Prinyat Gos. Dumoy 8 iyulya 2006 g., odobren Sovetom Federatsii 14 iyulya 2006 goda. URL: http://www.rg.ru/2004/08/05/ taina-doc.html
GOST R ISO/MEK 27005-2006. Informatsionnaya tekhnologiya. Metody i sredstva obespecheniya bezopasnosti. Menedzhment riska informatsionnoy bezopasnosti. Trebovaniya. Vved. 2010.11.31 № 632-st. M.: Standartinform, 2010. 45 s.
Federal nye pravila (standarty) auditorskoy deyatel nosti. Utv. Postanovleniem Pravitel stva Rossiyskoy Federatsii ot 23 sentyabrya 2002 g. № 696. URL: http://www.consultant. ru/document/cons doc LAW 38848/c7ec6185d8385c6db11fb780d84e427706f521da/
Kochinev YU.YU. Audit: teoriya i praktika Tekst predostavlen pravoobladatelem. URL: http://www.litres.ru/pages/biblio book/ art 427352. Audit: teoriya i praktika. 5-e izd. SPb.: Piter, 2010. ISBN 978-5-49807-579-2.
Kurilo A.P., Zefirov S.L., Golovanov V.B. i dr. Audit informatsionnoy bezopasnosti. M.: Izdat. gruppa BDTS press , 2006. 304 s., s vkl.
GOST R ISO/MEK 27007-2006. Informatsionnaya tekhnologiya. Metody i sredstva obespecheniya bezopasnosti. Rukovodstva po auditu sistem menedzhmenta informatsionnoy bezopasnosti. Trebovaniya. Vved. 2014-11-06 № 563-st. M.: Standartinform, 2014. 23 s.
Kurilo A.P., Miloslavskaya N.G., Senatorov M.YU., Tolstoy A.I. Osnovy upravleniya informatsionnoy bezopasnost yu: ucheb. posobie dlya vuzov. M.: Goryachaya liniya - Telekom, 2014. 244 s.: il.
Federal nyy zakon ot 27 iyulya 2006 g. № 149-FZ Ob informatsii, informatsionnykh tekhnologiyakh i o zashchite informatsii . Prinyat Gos. Dumoy 8 iyulya 2006 g., odobren Sovetom Federatsii 14 iyulya 2006 goda. URL: http://www.rg.ru/2004/08/05/ taina-doc.html
GOST R ISO/MEK 27005-2006. Informatsionnaya tekhnologiya. Metody i sredstva obespecheniya bezopasnosti. Menedzhment riska informatsionnoy bezopasnosti. Trebovaniya. Vved. 2010.11.31 № 632-st. M.: Standartinform, 2010. 45 s.
Federal nye pravila (standarty) auditorskoy deyatel nosti. Utv. Postanovleniem Pravitel stva Rossiyskoy Federatsii ot 23 sentyabrya 2002 g. № 696. URL: http://www.consultant. ru/document/cons doc LAW 38848/c7ec6185d8385c6db11fb780d84e427706f521da/
Kochinev YU.YU. Audit: teoriya i praktika Tekst predostavlen pravoobladatelem. URL: http://www.litres.ru/pages/biblio book/ art 427352. Audit: teoriya i praktika. 5-e izd. SPb.: Piter, 2010. ISBN 978-5-49807-579-2.
Kurilo A.P., Zefirov S.L., Golovanov V.B. i dr. Audit informatsionnoy bezopasnosti. M.: Izdat. gruppa BDTS press , 2006. 304 s., s vkl.
GOST R ISO/MEK 27007-2006. Informatsionnaya tekhnologiya. Metody i sredstva obespecheniya bezopasnosti. Rukovodstva po auditu sistem menedzhmenta informatsionnoy bezopasnosti. Trebovaniya. Vved. 2014-11-06 № 563-st. M.: Standartinform, 2014. 23 s.
Kurilo A.P., Miloslavskaya N.G., Senatorov M.YU., Tolstoy A.I. Osnovy upravleniya informatsionnoy bezopasnost yu: ucheb. posobie dlya vuzov. M.: Goryachaya liniya - Telekom, 2014. 244 s.: il.
