TECHNIQUE OF OPTIMAL AUDIT PLANNING FOR INFORMATION SECURITY MANAGEMENT SYSTEM
Annotation
Complication of information security management systems leads to the necessity of improving the scientific and methodological apparatus for these systems auditing. Planning is an important and determining part of information security management systems auditing. Efficiency of audit will be defined by the relation of the reached quality indicators to the spent resources. Thus, there is an important and urgent task of developing methods and techniques for optimization of the audit planning, making it possible to increase its effectiveness. The proposed technique gives the possibility to implement optimal distribution for planning time and material resources on audit stages on the basis of dynamics model for the ISMS quality. Special feature of the proposed approach is the usage of a priori data as well as a posteriori data for the initial audit planning, and also the plan adjustment after each audit event. This gives the possibility to optimize the usage of audit resources in accordance with the selected criteria. Application examples of the technique are given while planning audit information security management system of the organization. The result of computational experiment based on the proposed technique showed that the time (cost) audit costs can be reduced by 10-15% and, consequently, quality assessments obtained through audit resources allocation can be improved with respect to well-known methods of audit planning.
Keywords
Постоянный URL
Articles in current issue
- FROM THE HISTORY OF LASER CREATION
- DYNAMIC ESTIMATION FOR PARAMETERS OF INTERFERENCE SIGNALS BY THE SECOND ORDER EXTENDED KALMAN FILTERING
- IMPLEMENTATIONS AND PRACTICAL APPLICATIONS OF HYPERBOLIC METAMATERIALS
- OPTICAL DEFLECTOR CREATION FOR LASER THERAPEUTIC DEVICES
- PROXIMITY DEGREE FOR SIMPLE AND MULTIPLE STRUCTURES OF THE EIGENVALUES: OVERSHOOT MINIMIZATION FOR FREE MOTION TRAJECTORIES OF APERIODIC SYSTEM
- TRUST MODEL FOR INFORMATION SECURITY OF MULTI-AGENT ROBOTIC SYSTEMS WITH A DECENTRALIZED MANAGEMENT
- INFORMATION SECURITY ASSESSMENT FOR MULTI-AGENT ROBOTIC SYSTEM UNDER THE INFORMATION IMPACT
- TRAJECTORY CONTROL OF A SOLID BODY RELATIVE TO THE MOVABLE OBJECT
- DEVELOPMENT OF TRAJECTORY CONTROL SYSTEM FOR THE OMNIDIRECTIONAL MOBILE ROBOT
- STABILITY OF LINEAR MULTIAGENT SCALAR SYSTEMS AND ITS DEPENDENCE ON CONNECTIVITY GRAPH
- ADAPTIVE CONTROL OF TWO-LINK ROBOT MANIPULATOR BASED ON THE METHOD OF CONSECUTIVE COMPENSATOR
- INVESTIGATION OF MICRO AND NANOSTRUCTURE OF HYDROPHOBIC PLANTS SURFACE
- APPLICATION OF THE DIRECTED MUTATION TO CELLULAR AUTOMATA GENERATION PROCESS
- EXPRESS METHOD OF BARCODE GENERATION FROM FACIAL IMAGES
- THREE-MOMENT BASED APPROXIMATION OF PROBABILITY DISTRIBUTIONS IN QUEUEING SYSTEMS
- TECHNIQUE OF OPTIMAL AUDIT PLANNING FOR INFORMATION SECURITY MANAGEMENT SYSTEM
- METHODS FOR QUALITY ENHANCEMENT OF USER VOICE SIGNAL IN VOICE AUTHENTICATION SYSTEMS
- NETWORK SERVICES FOR DIAGNOSTIC OPTODIGITAL COMPLEX FOR TELEMEDICINE
- THERMAL SIMILARITY OF SPACE OBJECTS OF STANDARD CONFIGURATIONS
- THERMAL PROTECTION AND THERMAL STABILIZATION OF FIBER-OPTICAL GYROSCOPE INCLUDED IN STRAPDOWN INERTIAL NAVIGATION SYSTEM
- MONOBLOCK EMITTERS FOR MELTING OF SYNTHETIC FATTY ACIDS
- MULTI-AGENT APPROACH IN PREDICTION OF RELIABILITY PARAMETERS FOR ELECTRONIC MODULES
- SELECTION OF INFORMATION PROTECTION SYSTEM BY ENSURING THE COMPETITIVENESS OF ENTERPRISES
- THE ARCHITECTURE OF THE REMOTE CONTROL SYSTEM OF ROBOTICS OBJECTS
- THE SYSTEM OF TECHNICAL VISION IN THE ARCHITECTURE OF THE REMOTE CONTROL SYSTEM
- VIRTUAL COGNITIVE CENTERS AS INTELLIGENT SYSTEMS FOR MANAGEMENT INFORMATION SUPPORT OF REGIONAL SECURITY
- LASER SCANNING APPLICATION FOR DETECTION OF HUMAN POSTURE DISTORTION DURING MASS EXAMINATIONS
- CONCEPTUAL EXTENSION OF WEB SERVICES FUNCTIONAL DESCRIPTION
- TIMELINESS ASSESSMENT FOR IMPLEMENTATION OF THE CRITICAL REQUESTS IN TWO-LEVEL CLUSTERS