TY - JOUR AU - Kukharska, Nataliia AU - Polotai, Orest PY - 2019/12/30 Y2 - 2024/03/29 TI - Information security aspects of business continuity management JF - Collection "Information Technology and Security" JA - ITS VL - 7 IS - 2 SE - INFORMATION SECURITY DO - 10.20535/2411-1031.2019.7.2.190555 UR - https://its.iszzi.kpi.ua/article/view/190555 SP - 126-136 AB - <p class="western" style="text-indent: 1cm; margin-bottom: 0cm; line-height: 100%;" align="JUSTIFY">Most of modern enterprises use information infrastructure and corporate information systems to organize their businesses. Continuity of business processes, availability and integrity of data and the activity of the organization as a whole depend directly on the reliability and security of their functioning. The article deals with the issues of ensuring the sustainability of basic business processes and information security of organizations to the negative impacts of natural, man-made, economic, social nature emergencies, as well as the issue of recovery of business and the necessary level of continuity in information security during and after situations that hindered the regular functioning of the organization, taking into account the nature and extent of their impact. In the first case, the task of managing business continuity is preventing a risky event, developing and implementing preventative measures. In the second case, the task of managing business continuity is reducing the impact of negative consequences, that caused interruption of activity of organization, reducing the time it takes to replace assets, and reducing the costs related to the replacement. The evolution of approaches to ensure the continuity of the business is described. An overview of standards and other regulations, where best practices in building business continuity management systems are reflected, are done. In the context of the process model of management, the main stages of business continuity management, which consist in the sequential implementation of the closed cycle “Plan – Do – Check – Act”, namely: the processes of planning, implementation, maintenance, monitoring, analyzing and improving the performance of business continuity management system, are considered. Attention is drawn to the fact that organizations within this system must develop, document, implement and maintain security procedures and security measures to ensure the necessary level of information security continuity in the face of threats and destabilizing factors of various nature. Conclusions have been made regarding the benefits that organizations gained due to developed and implemented a business continuity management system that has measures for information security.</p> ER -