CONTROL OF ENERGY EFFICIENCY IN INDUSTRY AND HOUSING AND COMMUNAL SERVICES
Sign | Register
UDC 004
Model of control policy of awareness of the organization staff in the field of information security
L.V. Astakhova, SUSU
N.L. Ulyanov, SUSU
Abstract
The concept of awareness of employees in the field of information security is determined on the basis of the international standards on the control of information security, and also the model of Policy of cotrol of awareness of employees in the field of information security is proved.
Keywords
awareness, information security, management, policy, model
References
1. ISO/IEC 27002:2013.Information Technology. Security Techniques. Code of Practice for Information Security Controls.
2. STOBRIBBS-1.0-2014. Standart Banka Rossii. Obespechenie informatsionnoy bezopasnosti organizatsiy bankovskoy sistemy Rossiyskoy Federatsii. Obshchie polozheniya [STOBRIBBS-1.0-2014. Standard of Bank of Russia. Ensuring information security of the organizations of a banking system of the Russian Federation. General provisions].
3. NIST SP 800-50. Building an Information Technology Security Awareness and Training Program.