The Organization of Information Systems Security in the Private Security Company

The theme of the final qualified work is "Organization of security systems for information systems in a private security company". Keywords: information system protection, information security. The object of the research is the enterprise information system. The subject of the research is methods and means of ensuring information security. Objective: to analyze the risks associated with the operation of the information system, to assess threats and identify a set of measures that ensure a sufficient level of IP security, and to develop recommendations for practical measures to ensure the security of information. Problems solved in the course of work: • conduct a study of the theoretical foundations of information security; • conduct a study of methodologies for risk analysis; • to analyze the threats to system security; • to offer practical recommendations on the adoption of measures to ensure the information security of the enterprise in this field of activity. To realize the goals and objectives used studies of network equipment and software in the field of protection of information systems, as well as studies of the issues of training and advising employees in the field of information security. Considered risk analysis methodologies. In order to identify a software tool that allows you to analyze the risks of information security, the following programs were chosen: CRAMM, CORAS, RiskWatch, MSAT, GRIF. The program CORAS was chosen. As a result of the analysis of risks associated with the operation of IP, the current level of protection and a set of measures ensuring a sufficient level of IP security have been identified, and recommendations have been developed for the adoption of practical measures to ensure the security of information.