Models of Complex Industrial Facilities Assessment Based on Risk Approach
The problem of forming models for providing complex industrial facilities assessment is relevant because different slants to forming IT-security management systems budget are exist. The models of complex industrial facilities assessment based on risk-based approach for fuel and energy complexes and airport complexes, and importance of realization the PDCA cycle noted. This approach increases speed of IT-security audits process, increase the reaction from management and increase the total IT-security level. It is shown that an ultimate goal of application setting of IT-security controls is decreasing potential damage concerning the chosen assets of complex industrial facilities. The received results can find application during the full lifecycle including forming, assessment and optimization of the IT-security management system and budget justification. Application of the received results can be demanded when forming models and methods of internal audit and monitoring the objects being under influence of threats of IT-security violation.
Keywords: audit, information security, the integrated system of management, risk management.
JEL Classifications: G32, L15, M15