To obtain access to full text of journal and articles you must register!
- Article name
- Methodology for assessing trust in the information security audit process based on the analysis of process artifacts
- Authors
- Ivanov A. V., , andrej.ivanov@corp.nstu.ru, Samara State Technical University, Samara, Russia
Ognev I. A., , i.ognev@corp.nstu.ru, Novosibirsk State Technical University, Novosibirsk, Russia
- Keywords
- audit / audit process / trust / trust assessment / trust in the audit process / trusted interaction / information security / cybersecurity
- Year
- 2025 Issue 3 Pages 33 - 47
- Code EDN
- BDACYX
- Code DOI
- 10.52190/2073-2600_2025_3_33
- Abstract
- Relevance of the research: currently, existing methods for assessing trust can provide answers to questions of trust only in relation to certain categories of objects - software, software, hardware or hardware complexes, users of information systems. To date, the issues of assessing trust in large organizational units, such as processes or organizations, are poorly developed. The purpose of the work is to develop trust indicators and methods for calculating them for applying a methodology for assessing trust in the information security audit process based on the analysis of process artifacts. Methods and technologies used: in the course of the research, the Harrington desirability function, elements of graph theory, elements of Petri nets, elements of probability theory (Monte Carlo method), and the expert evaluation method were used. Result: a methodology for assessing trust in the information security audit process has been developed, consisting of assessments of structural integrity, effectiveness of planning and execution stages, and maturity, which allows for a quantitative assessment of the degree of completeness of the process organization. Related auxiliary methods for assessing trust indicators have also been developed: structural integrity, effectiveness of planning and execution stages, maturity. The practical significance of the work lies in the possibility of applying the developed methodology for assessing trust in the audit process to self-diagnose the audit process within an organization to clearly demonstrate the bottlenecks in the audit process and, as a result, the possibility of redistributing resources between different stages of the audit process.
- Text
- BUY for read the full text of article
- Buy
- 500.00 rub
