Decision-Making based on Enterprise's Information System's Monitoring Data

Abstract

The development of large-scale systems in modern conditions is not possible without the application of information technology. But then there is the problem of ensuring the security of the functioning of applied information systems and resources circulating, stored and processed in them. Because of the operation in large-scale system, the information security system is also a large and complex system. Therefore, the management of the information security system should be added to the management of the system itself. The most important stage of management is decision-making. Decision support systems are widely used in the field of management and are just beginning to find their application in the field of information security. There are different approaches to decision support. But all of them involve the generation of solutions based on the analysis of big data. This article proposes an approach to decision-making based on information system's security monitoring data. To automate the decision-making process based on the results of event monitoring, software package is proposed. In article the formal model and architecture of software is considered. The result of the software functioning is an integrated assessment of the current security level of information system. The assessment is formed through the analysis of private security indicators obtained on the basis of periodic monitoring data.