Abstract

In the context of ensuring information security (cybersecurity) of enterprises and critical infrastructure institutions, which include state enterprises (institutions) providing services for metrological support, conformity assessment, and standardization, the development of systemology and the implementation of an information security management system (ISMS) based on the principles of system process-oriented approach is a highly relevant task. The article concludes with the need for further substantiated research in this direction based on a critical analysis of well-known scientific studies (publications) of domestic and foreign scientists. First of all, this concerns the solution to the problem of identifying a set of information security objects in enterprises' managerial and technological processes systems. Since this system belongs to the «complex system» category, it becomes relevant to study the systemology of the enterprise ISMS as a systematic combination of its information and organizational resources. In this regard, the basis of the conducted research is the conceptual system statement that ISMS is an integral part of the enterprise's general management system. In the context of this statement, the author's vision for implementing the requirements of the current DSTU standard ISO/IEC 27001:2023 regarding the construction of ISMS based on the principles of system and process approach is outlined. For this, a number of system definitions and corresponding models are proposed, making it possible to implement the specified requirements of the standard within the framework of the proposed pyramid model of process-oriented enterprise management. Within the framework of the specified model, the author's interpretation of the definition of the concept «Enterprise Information field» is formulated, on the basis of which a structural task-solving staging model of ensuring enterprise information security is proposed.

Full Text

Published Version (Free)

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.