Functional modeling of the organization’s information securityculture state monitoring system development

Abstract

The mass transition to remote work, which triggered the quarantine and then military actions on the territory of Ukraine, led to new challenges to increase the level of information protection. In addition, permanent information and cyber-attacks create a persistent danger to physical and information systems. This, in turn, requires a clear understanding of the level of information security of various organizations, especially for critical infrastructure. An important component of the organization's information security is the information security culture of all participants in internal information processes. Such kind of influence is usually called the Human Factor.The paper`s aimreveals withtwo goals.The firstgoalis the information processes functional modeling of the information security culture level assessment automation as a part of the overall organization`s security system.The second part consists inthe information security system of project (ISSoP) maturity model developmentto provide the vital level of trust to organization within project activities.The functional model of system development presents a number of separate processes: the formation of questionnaires, data collection, and assessmentof information security culture at the personal, department and organizational levels. Defined input and output data, mechanisms, models, methods and control elements for each process. This model can be included as a component of the system for determining the level of the common organization`s information security system.The maturity stages ofthe information security culture ina project include different Info-Sec activities at various stages of its life cycle. Such kind of activities need to be taken into account while developing organization`s information security systems.