Open AccessMODERN TOOLS FOR INFORMATION SECURITY SYSTEMS
Author(s) -
Nazerke Baisholan,
K.E. Kubayev,
T.S. Baisholanov
Publication year - 2021
Publication title -
izvestiâ nacionalʹnoj akademii nauk respubliki kazahstan. seriâ fiziko-matematičeskaâ/izvestiâ nacionalʹnoj akademii nauk respubliki kazahstan. seriâ fiziko-matematičeskaâ
Language(s) - English
Resource type - Journals
eISSN - 2518-1726
pISSN - 1991-346X
DOI - 10.32014/2021.2518-1726.2
Subject(s) - information security management , cobit , computer science , information security , information security management system , information security standards , computer security , risk analysis (engineering) , vulnerability (computing) , security information and event management , information system , information security audit , standard of good practice , security testing , asset (computer security) , security service , information technology , cloud computing security , business , engineering , network security policy , cloud computing , electrical engineering , operating system
Efficiency of business processes in modern organizations depends on the capabilities of applied information technologies. The article describes and analyzes the role and features of audit tools and other methodological tools and models in ensuring the quality and security of information systems. The standard’s principles are reviewed, as well as the importance of meeting business needs. In order to protect virtual values in a company’s system environment, the importance of using information security models is revealed. Practical proposals in risk management and information security in information technology are analyzed through the COBIT standard. Measures for protecting the information system of an organization from accidental, deliberate or fake threats are considered. The possibility of using one of the real information security models by the information recipient or provider in accordance with the requirements of external processes is reported. Furthermore, in connection with increase in the number of attack methods and techniques and development of their new tools and vectors, the need to improve and ways to ensure information security are being considered. The essential tasks of security audit are considered, and the stages of their implementation are described. With regard to security of information systems, an analytical model is proposed for determining vulnerability’s numerical value.