DEVELOPMENT OF COMMERCIAL ENTERPRISE SECURITY PROGRAM

With the continuous development of information technologies the question of effective information security management is becoming increasingly important. This article describes step by step development of the security program that allows effectively manage information risk of the organization. The attention is drawn to the important organizational features that need to be considered when building safety documents for their quality implementation and update.

программа безопасности, стратегическое планирование, управление рисками, система управления информационной безопасностью, контроль изменений

1. COSO Enterprise Risk Management - Integrated Framework [Elektronnyi resurs]. - Elektronnye dannye. - Rezhim dostupa: http://www.coso.org/guidance.htm. - Data dostupa: 5.03.2015.

2. Analiz podkhodov k verifikatsii funktsii bezopasnosti i mobil'nosti [Elektronnyi resurs]. - Elektronnye dannye. - Rezhim dostupa: http://ipv6.ispras.ru/Verification_of_security.pdf. - Data dostupa: 5.03.2015.

3. Shon Harris: CISSP All-in-One Exam Guide // McGraw-Hill.

4. Dhillon G. // Information Systems Journal. 2006. Vol. 16, № 3. P. 293-314

5. COBIT 5 [Elektronnyi resurs]. - Elektronnye dannye. - Rezhim dostupa: http://www.isaca.org/COBIT/Pages/COBIT-5-russian.aspx. - Data dostupa: 5.03.2015.