G.P. Zhigulin - Ph.D. (Eng.), Associate Professor, Institute for Integrated Military Education, St. Petersburg National University Information Technologies, Mechanics and Optics. E-mail: ikvo@grv.ifmo.ru

The article presents the results of studies to identify and systematize the basic components of information security management processes at functional groups in accordance with the provisions of this method of information security management. To develop a model of information security methodology used description of system objects based on the process approach. Provided with separate functional groups carried out the analysis and description of the processes related to information security. Information security management is based on the provisions of the theory of expert systems. The paper presents the general structure of the constituent processes of information security management, broken down by functional groups and their generalizations based on the theory of expert systems.

 

1. GOST R ISO/MEHK 27000 «Metody i sredstva obespechenija bezopasnosti. Sistemy menedzhmenta informacionnojj bezopasnosti. Obshhijj obzor i terminologija». 2009.
2. Dzharratano Dzh., Rajjli G. EHkspertnye sistemy: principy razrabotki i programmirovanie: Per. s angl. M.: Izdatelskijj dom «Viljams». 2006. 1152 s.
3. ISO/IEC 27001:2013, Information technology - Security techniques -Information security management systems - Requirements.