АУДИТ ІНФОРМАЦІЙНОЇ БЕЗПЕКИ ДЛЯ ЗАХИСТУ ІНФОРМАЦІЙНИХ АКТИВІВ ПІДПРИЄМСТВ В УМОВАХ ГЛОБАЛЬНИХ ВИКЛИКІВ

Abstract

In the modern conditions of global challenges, along with climate action failure, extreme weather, human environmental damage, there are cyberattacks and data fraud or theft, the spread of infectious diseases (pandemics), which resulted in the activation of digitalization processes of social, economic and political processes in general and business entities financial and economic activity in particular. Modern business processes cannot be imagined without the use of information assets, because today they are becoming the most valuable resource for business development. However, in the conditions of modern global challenges and the state of war, there are more and more threats associated with the loss of access by business entities to the information assets of their own business, therefore the topic of enterprise information protection is an urgent issue that requires research and practical recommendations development. The aim of the research is analysis the enterprise's information security audit process and the development of practical recommendations for securing the enterprise's information assets in the global challenges conditions. The methods of the research: logical and meaningful method, methods of comparison, systematization, induction and deduction, analysis and synthesis, coefficient method. The hypothesis of the research was assumptions about the possibility of determining the state of information security of business assets through the enterprise vulnerability indicator and securing its information assets by conducting an information security audit. The statement of basic materials. The place of Ukraine in the World Digital Competitiveness Ranking was analyzed and the main weak points are identified. The model of building an information security system is presented. The enterprise information security indicators are considered. It is proposed to identify the state of security of the enterprise's information assets using the company's vulnerability indicator. It is proposed to conduct an audit of the enterprise's information security in four interrelated stages, which will make it possible to protect the company's information assets from potential threats and attacks by intruders. The originality and practical significance of the research confirmed by research and substantiation of the importance of the enterprises information assets protecting in the conditions of martial law and recommendations for the information assets securing from potential threats using the enterprise vulnerability indicator and conducting regular information security audit. Conclusions and perspectives of further research. It was determined that the company's information threats can be identified using a vulnerability indicator, and the company's information assets can be secured by applying an information security audit of its assets. Further research will be aimed at a more extensive analysis of factors that can influence the determination of the enterprise's vulnerability and the emergence of potential costs from cyber attacks and data theft.