SECURITY MANAGEMENT PLAN FOR INFORMATION ASSETS OF OBJECTS OF THE AVIATION TRANSPORT COMPLEX OF UKRAINE

Authors

DOI:

https://doi.org/10.18372/2410-7840.25.18227

Keywords:

information security, risk level, air transport complex, policies, confidentiality, availability, integrity, terms of reference, security systems

Abstract

Governing documents International Civil Aviation Organization (ICAO) define a safety management system as an element of corporate governance responsibility that defines a company's safety policy and its intentions to manage safety as an integral part of its overall business. Thus, the security management system (Security Management System, SeMS) is a part of the overall information asset management system of the aviation enterprise, which is based on risk analysis and is intended for the design, implementation, control, monitoring and improvement of measures in the field of information security. This system consists of organizational structures, policies, planning actions, responsibilities and procedures, processes and resources, and much more. An analysis of modern management measures of the information security system of air transport facilities based on international standards of the ISO series was carried out. A scenario for the implementation of the plan for managing the security of information assets of the air transport complex is proposed, which is based on the best experience of foreign countries.

References

Менеджмент у сфері захисту інформації/ Ромака В.А., Корж Р.О., Гарасим Ю.Р// Підручник: Львів: ЗУКЦ, 2013. 462 с.

Міщенко А.В., Козловський В.В., Васянович В.В. Методологія інформаційної безпеки в авіатранспортному комплексу// Вісник Хмельницького національного університету. Серія: технічні науки. 2015. № 2 (223). С. 178-181.

ICAO Aviation Security Manual (Doc 8973 – Restricted).

ДСТУ ISO/IEC 27001:2023. «Information security, cybersecurity and privacy protection. Information security management systems. Requirements».

ДСТУ ISO 9001:2018. «Системи управління якістю. Вимоги».

ДСТУ ISO/IEC 27701:2022. «Методи безпеки. Розширення до ISO/IEC 27001 та ISO/IEC 27002 для керування конфіденційною інформацією. Вимоги та настанови».

Downloads

Published

2023-12-24

How to Cite

Shulha, V., Mishchenko, A., Morklyanyk, B., Lazarenko, S., & Lishchynovska, N. (2023). SECURITY MANAGEMENT PLAN FOR INFORMATION ASSETS OF OBJECTS OF THE AVIATION TRANSPORT COMPLEX OF UKRAINE. Ukrainian Information Security Research Journal, 25(4), 213–221. https://doi.org/10.18372/2410-7840.25.18227

Issue

Vol. 25 No. 4 (2023): Ukrainian Information Security Research Journal

Section

Articles

License

The scientific journal adheres to the principles of Open Access and provides free, immediate, and permanent access to all published materials without financial, technical, or legal barriers for readers.

All articles are published in Open Access under the Creative Commons Attribution 4.0 International (CC BY 4.0) license.

Copyright

Authors who publish their works in the journal:

  • retain the copyright to their publications;

  • grant the journal the right of first publication of the article;

  • agree to the distribution of their materials under the CC BY 4.0 license;

  • have the right to reuse, archive, and distribute their works (including in institutional and subject repositories), provided that proper reference is made to the original publication in the journal.