OBJECTS OF INFORMATION SECURITY AUDIT AND DIRECTIONS OF THEIR VERIFICATION
Abstract and keywords
Abstract (English):
Th e article is devoted to the study of information security audit objects, which include information stored and processed at the enterprise; information resources on which information is stored; information channels through which information is transmitted; soft ware used to process information; legal and technical documentation on hardware and soft ware and means of physical protection of information, as well as the characteristics of the stages of the audit of such objects. Th e article concludes that in view of the continuous and dynamic development of information objects in companies, there is a need to group such objects and form, on its basis, the main elements of information security audit.

Keywords:
economic control; audit; information security; audit objects; information; information resources; information channels; software; legal and technical documentation; means of physical protection of information
References

1. Federal'nyy zakon RF ot 27 iyulya 2006 g. № 149-FZ «Ob informacii, informacionnyh tehnologiyah i o zaschite informacii».

2. Zakon RF ot 21.07.1993 № 5485-1 «O gosudarstvennoy tayne».

3. Federal'nyy zakon ot 29.07.2004 № 98-FZ «O kommercheskoy tayne».

4. Ukaz Prezidenta RF ot 6 marta 1997 g. № 188 «Ob utverzhdenii perechnya svedeniy konfidencial'nogo haraktera».

5. Konfidencial'naya informaciya i sposoby ee zaschity [Elektronnyy resurs]. URL: https://www.business.ru/article/2034-konfidentsialnaya-informatsiya-vidy (data obrascheniya: 20.10.2021).

6. Reglament FNS Rossii № SAE-Z-13848@ «Ob obmene elektronnymi dokumentami».

7. Kommercheskaya tayna predpriyatiya - chto eto, otlichie ot konfidencial'noy informacii - Delo [Elektronnyy resurs]. URL: https://okarb.ru/oplata-truda/kommercheskaya-tajna-predpriyatiya-chto-eto-otlichie-ot-konfidentsialnoj-informatsii.html (data obrascheniya: 20.10.2021).

8. Kak pravil'no provodit' audit vnutrenney informacionnoy bezopasnosti? [Elektronnyy resurs]. URL: https://www.staffcop.ru/blog/pravila-audita-vnutrennej-informatsionnoj-bezopasnosti (data obrascheniya: 20.10.2021).

9. Grazhdanskiy Kodeks RF ot 26 yanvarya 1996 goda № 14-FZ.

10. Nalogovyy Kodeks RF ot 31 iyulya 1998 goda № 146-FZ.

11. Shikina V.E. Tehnicheskaya dokumentaciya informacionnyh sistem: uchebnoe posobie. - Ul'yanovsk : UlGTU, 2018. - 92 s.

Login or Create
* Forgot password?