Evaluation of IT-security Assurance in a Credit Organization

Evaluation of IT-security Assurance in a Credit Organization

연구 분야: Verification

학회: 2020 International Conference Quality Management, Transport and Information Security, Information Technologies (IT&QM&IS)

The paper describes a method for assessing the level of Information security in a credit organization in the Russian Federation and in the World. Given the increasing risks of disrupting the regular functioning of the IT-infrastructure in credit organization, it is important and relevant to consider the problem of obtaining objective and operational numerical estimates of the IT-security level. At present, it is not enough to use only existing static fixed threat models and objectively it is necessary to move to a new assessment methodology based on risk-oriented standards that provide estimates of the effectiveness of the measures taken. The results obtained can be used for evaluating compliance with IT-security requirements for credit organization.