Abstract:
To solve the problem of information security management the method was proposed that allows determining the degree of importance of confidential documents of the organization. The urgency of the proposed algorithm was substantiated taking into account the requirements of the legislation of the Russian Federation in the sphere of information security. The stages prior to the formation of the list of confidential documents of the organization were described. A review of the main documents of the legal and regulatory framework was carried out including documents relating to the state regulation of relations in the sphere of information security. The classes of protected information for the accessing categories were considered. The criteria changes of the value of information in the process of time were represented. The algorithm of formation of the list of confidential documents of the organization based on the properties of information was offered. The algorithm is based on an expert method of pair comparison of alternatives. The result of the use of this method is a number of confidential documents, ranked in descending order of importance. For each document the weighting factor of importance can be calculated. The verification stage of the degree of expert consistency was included in the methodology to eliminate the use of erroneous expert data. The application of the methodology is illustrated by a calculated example.
Keywords:information security, the value of the document, expert methods.