Ðóñ Eng Cn Translate this page:
Please select your language to translate the article


You can just close the window to don't translate
Library
Your profile

Back to contents

Trends and management
Reference:

Shultz V. L., Kulba V. V., Shelkov A. B. Information security audit of automated control systems

Abstract: This work focuses on analyzing technologies and development of models and methods for increasing the efficiency of information security audit of automated systems. The authors list the methods for information security audit, as well as describe the major stages of information security control system audit, including comprehensive examination of the system, analysis of existing risks and developing recommendations list for improving information resource security systems. The authors raised and solved the problem of increasing efficiency of organizing information security audit while minimizing audit risks. The audit process is presented as a set of audit procedures, interrelated via time and information. To analyze and evaluate audit risk, the authors introduce the definition of “standard pattern of audit data processing”, according to which the audit data processing is divided into processing itself, error control and correction, or, failing that, requesting additional base information necessary for the completion of the audit. The article’s methodology basis consists of the systematic method, the structural and functional method, the comparative approach, analysis, synthesis, induction, deduction, modeling and observation approaches. The task of optimizing the audit process involves making the right choices regarding information processing technologies for audit data, which would ensure minimal errors in results. The authors offer models and methods of efficiency analysis, substantiation and choice for design solutions to enhance information security, using vector stratification to pick the right solution out of the multitude of alternatives.


Keywords:

information security, automated system, audit, audit risk, standard pattern, control, design solution, comprehensive evaluation, targeted selection, vector stratification


This article can be downloaded freely in PDF format for reading. Download article

This article written in Russian. You can find original text of the article here .
References
1.
2.
3.
4.
5.
6.
7.
8.
9.
10.
11.
12.
13.
14.
15.
16.
17.
18.
19.