Abstract:
The application of Integrated Management Systems (IMS) is now attracting the attention of senior management of a variety of organizations: refineries, instrument-making enterprises, aviation enterprises, defense organizations, etc. However, performing ISM audits as a verification of conformance to different ISO standards with a substantial reduction or limitation of available resources remains a major problem.
At the same time, continuous improvement of management principles and, in particular, transition to risk-based thinking provide a greater interest in the rational use of ISO standards. In this article we suggest a technique of optimization of IMS audit program based on principles of continuous adaptation when collecting data during a single audit micro-cycle. An additional advantage of the proposed technique is the use of numerical metrics of IT-security audit, contributing to continuous improvement of the level of IT security in organizations.
Fulltext:
PDF file (1163 kB)