期刊名称:Journal of Theoretical and Applied Information Technology
印刷版ISSN:1992-8645
电子版ISSN:1817-3195
出版年度:2018
卷号:96
期号:15
出版社:Journal of Theoretical and Applied
摘要:The article is reviewing available approaches that make it possible to solve the problem of effectiveness among information security systems. Ensuring information security has become an important element in an enterprise sustainable development. At the same time, there is an arising question of a proper assessment for an information security level and its indicators. With an example of enterprises from the same sector, the research shows that effectiveness of an information security profile is mostly the same. This makes it possible to use universal tools when companies design and establish information protection. In the review of literature, there is a discussion of identification issues of information risks and threats and a proposed comprehensive evaluation technique. Elaborating the approach, there is a further definition of maturity levels in IT infrastructure of business processes. Findings make it possible to conclude that management levels in corporate information security in the same sector are the same. Minor differences are in place because of size effects and various investment costs that a company has to establish the information security system. The analysis of results shows heterogeneous effectiveness in information security profiles among companies when their implement investment projects focused on modernization.
关键词:Information security; Construction sector; Security profile; Risks; Uncertainty.
