A risk-oriented approach to the management of information security at the enterprise

Abstract

The article is devoted to the study of the problems of the risk-oriented approach in the management of information security of the enterprise. The article analyzes the main characteristics of information security management at the current stage; the requirements of regulatory and methodological documents regarding the organization of information security management at the enterprise were studied; the main processes and components of the management organization are disclosed; the organization of management using a risk-oriented approach was studied.