Ensuring the security of information systems of organizations and regulating activities in the field of their protection

Abstract

The article describes the fact that in the modern world one of the global problems for companies have become cyberattacks, representing a serious danger to their activities. As the most important directions of solving this problem is called the need for the development and approval of the companies of strategy of protection of information systems, including antivirus software. A great contribution to the solution of this problem was made by the law on combating violations of financial and operational discipline by the heads of companies trading on the stock exchanges, called SOX, adopted in the United States in 2002. Research and practical experience with a large number of projects requiring SOX compliance show that information technology is becoming a priority tool for ensuring the reliability of the internal control system, especially over the preparation of financial statements of organizations. The use of the software quickly recoups the cost of its installation by improving the efficiency of control, while the refusal to automate the processes and procedures of control results in unforeseen costs and risks. Therefore, organizations-participants of foreign economic activity, wishing to comply with the requirements of the SOX law, it is necessary to carry out a preliminary assessment of ensuring a sufficiently high degree of integration of the financial reporting process with the process of its phased control. Integration of financial statements with the internal control system makes it possible to actively display the current state and efficiency of the internal control system in relation to the reporting, creating conditions for monitoring potential risks and analysis of information on financial results, as well as to automate the process of preventing unauthorized records and other deviations. In the light of the considered issue, one of the most important components of the documents attached to the annual financial statements and the recognition of the company's responsibility for the accuracy of its information, is the report on the results of the audit of the effectiveness of internal control over the preparation of reports.