Open AccessCybersecurity audit technology of corporate information system according to ISO / IES: 27001
Author(s) -
S. Kovalenko,
AUTHOR_ID,
Ye. S. Smolyev,
O. A. Bargylevych
Publication year - 2021
Publication title -
sučasnij zahist ìnformacìï
Language(s) - English
Resource type - Journals
ISSN - 2409-7292
DOI - 10.31673/2409-7292.2021.032935
Subject(s) - cobit , information technology audit , audit , computer security , information security audit , information security management system , information security , work (physics) , information technology , accounting , business , information system , computer science , information technology infrastructure library , internal audit , engineering management , joint audit , engineering , security service , security information and event management , cloud computing security , cloud computing , mechanical engineering , electrical engineering , network security policy , operating system
The problem of cybersecurity of corporate information systems is analyzed in the work and the purpose and tasks of their protection are defined. An analysis of existing technologies for cybersecurity audit of corporate information systems and international standards that describe them. The methods of conducting cybersecurity audit according to the methods of international standards ISO / IEC 27001, ISO / IEC 19011 and COBIT are studied. The types, principles and main stages of cybersecurity audit are identified. On the basis of the researches carried out in the work the variant of technology of carrying out of audit of cybersecurity of corporate information systems by a technique of the international standards is developed. Recommendations for the application of the technology variant of the cybersecurity audit of corporate information systems have been developed.