際際滷

際際滷Share a Scribd company logo

IS Risk Governance&Management

A
Anastasiia Konoplova

The approach, tools and practice, how to take decisions on information security in uncertain business environment.

1 of 17
Downloaded 17 times
丕仗舒于仍仆仆 亳亰亳从舒仄亳 磻 于亳亰仆舒舒亳 仗仂亳亠亳 舒 仂从仗仆 仆于亠亳亶 于 亰 仂亞仍磲 仆舒 亳亰亳从亳 弍亰仆亠舒 1
丕仗舒于仍仆仆 亳亰亳从舒仄亳 仄亠仆亳亳 仆亠于亳亰仆舒亠仆 仗亳 亟仂磪仆亠仆仆 丐 2 ISO 31000:2018 COSO ERM 2017 弌丐 2019 于 仂仗亠舒 仗亳 仗亳亶仆 亠仆 于 弍亰仆亠-仗仂亠 于 亟磿仆仂 仂亞舒仆亰舒 仂仗亠舒 亠仆仆 弍亰仆亠-仗仂亠舒 亟磿仆仂 仂亞舒仆亰舒 仗仂于磶舒仆 亰 亳仆从仂仄, 从仂仆舒亞亠仆仂仄, 亠仆仂仍仂亞, 亠亞仍ミ火夷出術礆, 仍ミ莞湖出粧, 从舒仆仂, 仗仂仍亳从仂, 仗仂亞仂亟仂 WEF 2020
弌舒仆亠 丐 仂亞舒仆亰舒 亠亰仗亠从舒 3 束弌从仍舒亟仆舒 亳亠仄舒損, 亰舒 亰舒仄仂于舒仆仆礆 于亟从亳舒 仄舒亠仄舒亳仆亳亶 舒仗舒舒 仂舒亳仆亠 仄仂亟亠仍ミ火夷出術 仂亳仆舒 亰 于亳亰仆舒亠仆仆 仗亠亳仄亠 舒 仄舒 亞舒舒仆于舒亳 亶仂亞仂 于仄 亠亠仄仆仂于舒仆仂 亰舒 亰舒仄仂于舒仆仆礆 丼仂仄 亰舒舒亰 从仍舒亟仆仂?
4
舒 仗亳仂亟仂 舒仆亳 丐: 仗亠于仆亳亶 仄仂仄亠仆 舒 舒从亳于 仆舒仍亠亢亳 舒弍仂 仆亠 仆舒仍亠亢亳 亟仂 仗亠亳仄亠 弍亠亰仗亠从亳 亰舒仍亠亢仆仂 于亟 舒从舒仍仆仂 亞仗仂亠亰亳 仗仂 仂亰仗仂亟仍 于亳仗舒亟从仂于仂 于亠仍亳亳仆亳 5 仂弍仍亠仄舒 亰 亠亰仍舒舒仄亳 仂仆从亳 亳亰亳从于 从亳于 亰舒亞仂亰舒 于舒亰仍亳于 舒仍亟从亳, 亰于舒亢亠仆 仆舒 亶仄仂于仆 亠从仗仍仂亶 亳亰亳从 ISO, NIST, etc, 舒亰 仆舒 从 VUCA Volatility, Uncertainty, Complexity, Ambiquity 仂亟仆舒从仂于 亟 亟舒ム 亰仆 亠亰仍舒亳 仄舒亠仄舒亳从舒 亠亠亟仂于亳亠仗舒从亳从舒 从亳于
1. 从亳亳仆; 仆亠 仗舒ム 仂亞舒仆亰舒 仆亠仄舒 2. 亠亳仄亠 (value chain), 弍舒亰仂于 从仂仆仂仍 +亟仂亟舒从仂于 亰舒 仆舒磦仆仂 亠于 3. 仂亟舒从仂于 亠于亳 舒 仗仂从亳 - 亞亞仆舒 4.仂 亰仂于仆仆仄 (从仍仆亳, 仗舒仆亠亳, 亟亠亢舒于舒) 亠亶-从仂仆仂仍 亳亰亳从亳 亠 仂仆 舒 仆亳仄 1)仂仆亳亳 舒 2)仗亳亶仆亳/仆亳从仆亳 亳亰亳从 亠亰仗亠从舒 亰舒 仗仂亳亠舒仄亳 于 于亟从亳亶 亳亠仄 6 亳亳仆亳 仄舒仍仂 仆亠 于 弍舒亰舒, 舒 仂从亠仄 亟舒仆; 仆亠 于 仄亠亠亢舒, 舒 仆亠于亠仍亳从亳亶 亠亞仄亠仆; 仆亠 于 亳亠仄亳, 舒 仍舒仆ミ勤笑 value chain 亰舒 仂仆仂于仆亳仄 仗仂亟从仂仄 舒弍亠亰仗亠亠 弍亠亰仗亠亠于仆 从亳亳仆亳, 于 仂仄 亳仍, 仆亳仄亳 从仂仆仂仍礆亳 亳亰仆舒亠仆亳亶 仗亠亳仄亠 亟仍 亰舒仂于舒仆仆 舒仆亟舒于 弍亠亰仗亠从亳 ISO 22301 CIS controls CMMC
乂仂 仂弍亳亳 弍亠亰仗亠 于 仄仂于舒 仆亠于亳亰仆舒亠仆仂? 1. 亳亰仆舒亳亳 舒 亞舒舒仆于舒亳 从亳亳仆 亟磿仆 2. 亟亳仄于舒亳 亠亳 亟仍 仂亰于亳从, 仆亠 亰舒于舒亢舒亳 仗舒ミ火委亳 3. 弌舒于舒亳 仆仆仂于舒, 仗亳亶仄舒ム亳 亳亰亳从 7 亊从仂 亞仂亳亰仂仆 仗仍舒仆于舒仆仆 亟仂于亳亶 亳亢仆, 亠 仆亠 舒舒仗 ISO 22301 KING IV COBIT 2019 SAFe
亳亰仆舒舒仄仂 仗仂亳亠亳 (亰仆舒仄仂, 从亟亳 亶亟亠仄仂) 仗仂亠亳 舒 仗仂从亳, 磻 亰舒弍亠亰仗亠ム 亠舒仍亰舒 舒亠亞 磻 亟仂磪舒仄仂 仄亠 (舒亠亞) 亠, 亰舒 舒仆仂从 仂亞仂 亟仂磪舒仄仂 仄亠 (弍亰仆亠-仄仂亟亠仍) 亠舒 亟磿仆仂 仂亞舒仆亰舒 8 亠亳亶 仗仂亳亠 +亞亳亶 仗仂亳亠, 于 仗亠亳仄亠 +丐亠亶 仗仂亳亠 仂仍亳 亞仂亳亰仂仆 亟仂于亞亳亶, 亠弍舒 从仂仗仂舒亳于仆亠 仗舒于仍仆仆 ISO 9001 King IV COSO ICS ISO 38500
仆仆仂于舒 (仆亠 亰仆舒仄仂, 从亟亳 亶亟亠仄仂) 亠亰仗亠仆亠 亠亠亟仂于亳亠, 弍亠亰 亰舒亞仂亰亳 从亳亳仆仂仄 亠舒亶仆 仗仂亠亳, 亰 仆舒从仂仗亳亠仆仆礆 亟仂于亟 舒亟仍亳从仂于 亠亳, 弍仂 亠舒 亟舒仆 于舒仆仂 亰仗亳仆亳亳 9 仄亠亢舒 仂亞舒仆亰舒 PMBOK BABOK SAFe
仆从舒 亳亰亳从于 () 10 仍 仂亞舒仆亰舒; 舒仄 亟亠 仗仂 亢亳 仂从亠仄舒 仗舒于舒 亳仂亟仆 从舒舒仂亳 舒仆 仗仂弍仍亠仄 亰 亠仆仂仍仂亞礆亳 WEF 2020, long-term ISACA, 2019, 4500 亠仗仂仆亟亠仆于 58% 于仄ム 仍亠 亟仍 弍亰仆亠 - 亳 仆亠 仆舒亶亟仂仂亢亠 Allianz risk barometer 2020
仍从仆舒 仂仆从舒 亳亰亳从于 丼舒 仂仗仆 亳亠仄 亰舒 从亳亳仆亳仄亳 仗仂亠舒仄亳 丼舒 仆舒 仍从于亟舒 仆舒仍亟从于 仗仂亟亶 亳亰亳从 仂亠仆仆 亟亠亟仍舒亶仆于 亠亠亰 丐 (仂仗亠舒, 亟仂亞仂于仂亳, 亰于仆, 仗仂亟舒从亳) 仂 弌亠亠亟仆 于舒 亞仂亟亳仆亳 仗仂仂 仗仂亠舒 仗仍舒舒 仗舒 舒 仆亳 亠于, 于亳舒亠仆亳 仆舒 仍从于亟舒 仆舒仍亟从于 亠亟仂仂亳仄舒仆 亟仂仂亟亳, 舒亳, 仗亠仆 礆 于舒亳 于亟 仆亳亟亠仆于 仂亠仆仆 亟亠亟仍舒亶仆于 仗亳 仂亰仂弍 (time-to- market), 于从仍. 舒仂亳仆亞 亠亟仂仂亳仄舒仆 亟仂仂亟亳 11 舒 仗亳仆亳仗仂仄 亳仗仂于亳 仄亠仂亟于 仄仂亟亠仍ミ火夷出術 仆亠仆舒仆仂于亳 亳亰亳从于 于 亠从仂仆仂仄
仆仄亠仆亳 从仍从仆仂 仂仆从亳 亳亰亳从于 () BI 舒弍仂 仗舒于仍仆从舒 亰于仆 弌从仂亳仆亞亳 弌亠仆舒仆亳亶 舒仆舒仍亰 仆亳亟亠仆于 12 https://data-flair.training/blogs/data-science-tools/ https://www.first.org/cvss/calculator/3.1 https://www.enisa.europa.eu/topics/trainings-for-cybersecurity-specialists/online-training-material/documents/Exercise15CalculatorCIC.xlsx https://advisera.com/27001academy/free-tools/free-return-security-investment-calculator/ Excel ToolPak
亊从 仗舒ム 仆仄亠仆: 仂亰舒仆仂从 ROSI* 1- 亟仆 亟舒仆 2- SLE for DDoS 13 3-5- ALE 6- ROSI 亳仗亠仆仆 - 舒弍仂 * /AnastasiiaKonoplova/an-argument-for-budget-acceptancerosi-and-how-to-calculate-it 从仗仆 仆于亠亳亶 于 , 舒弍仂 亰舒 磻亳亶 舒 于舒仄 仗仂于亠仆 从仂亳, 于亳舒亠仆 仆舒 弍亠亰仗亠从
仂仍亳 亟仂仍仆仂 于仗仂于舒亟亢于舒亳 从仍从仆 仂仆从 亠仆仆 仗亳亶仄舒 从仂仍亠亞舒仍仆亳亶 仂亞舒仆 仂亰仗仂磲仆亳从 弍ミ莞勤却 仆亠 从仆亠于亳仄 弍亠仆亠舒仂仄 仍舒仆亳从 于亳 仆舒 仗亟舒于 仂弍从亳于仆亳 亟舒仆亳 仆仂仄舒亳于仆 于亳仄仂亞亳 CFO 仂ミ経出湖 14 ISO 9001 IFRS COSO ICF
仂仍亳 仆于亠亳 于 仆亠 仄舒ム 舒仆舒 亠于仗亠于仆亠仆 于 仆于舒仆仆/从仂仂从亳亶 亞仂亳亰仂仆 仗仂弍仆舒 仍从亳 磻仂 舒亠亞仆亠 亠仆仆 亟仂磪舒亳 于亳亰仆舒亠仆 仄亠 弍从亳于仆 仂弍仄亠亢亠仆仆 个仆舒仆仂于亳 亟亢亠亠仍 仆亠 于亳舒舒 亞仂亳亰仂仆 舒 亠于舒仂于舒仆 舒从仂亳 亳亰亳从亳 仄亠仆, 仆亢 于亳亟仆仂 亰 仗仂亰亳 弍亠亰仗亠从亳 (仆亠舒于仂仄舒亳亰仂于舒仆 仗仂亠亳, 仆 仆舒仗礆亳 亟磿仆仂 仂仂) 15 舒仆亞仍亶从 舒 亰亟仂弍于舒亶亠 亠仆仆 仆舒于亳从亳 亠 亠 亰仄仆
亢亠亠仍舒, 仆仂仄舒 亰 磻亳 亰舒仂仂于舒仆舒 仗亳 仗亟亞仂仂于 亟仂仗仂于亟 16 丐亠仆亟亳 舒 仂亞仍磲亳 弍亠亰仗亠从亳 ∃舒仂于舒仆仆 从弍亠亰弍仂 于 2020 https://www.forbes.com/sites/steveandriole/2020 /01/14/cyberwarfare-will-explode-in-2020- because-its-cheap-easy-- effective/#2cf129226781 ∃∃笑-10 仆舒亶亞亳 从弍亠舒舒从 亟亠亳 https://www.controlglobal.com/blogs/off-site- insights/top-10-worst-cyber-attacks-of-the- decade/ ∃亳舒亶, MLPS 2.0 从仂仆仂仍 仆亠仆亠舒 https://www.reedsmith.com/en/perspectives/201 9/10/mlps-20-chinas-enhanced-data-security- multi-level-protection 仍仂弍舒仍仆 亠仆亟亳 舒 舒亠亞 仂亟仂 亠仆仂仍仂亞亶, 舒亠亞仆亳亶 于亠仆 World economic forum Global risk report 2020 https://www.weforum.org/reports/the-global- risks-report-2020 The Age of Digital Interdependence: Report of the UN Secretary-Generals High-level Panel on Digital Cooperation. June 2019. https://digitalcooperation.org/wp-con- tent/uploads/2019/06/DigitalCooperation-re-port- web-FINAL-1.pdf ∃∃却仆仂仍仂亞仆 亠仆亟亳 2020 https://www.gartner.com/en/newsroom/press- releases/2019-10-21-gartner-identifies-the-top- 10-strategic-technology-trends-for-2020 ∃亳亰亳从亳 弍亰仆亠 于亟 舒仂于亳从舒 https://www.agcs.allianz.com/news-and- insights/reports/allianz-risk-barometer.html 丐亠仆仂仍仂亞仆 亠仆亟亳 2025-2035 亰 仗亳从仍舒亟舒仄亳 https://tci.agcs.allianz.com/ 舒从亳从舒 仗舒于仍仆仆 亳亰亳从舒仄亳 亠仆仂仍仂亞亶 ∃舒从亳从舒 仗舒于仍仆仆 亳亰亳从舒仄亳 于 从仂仗仂舒亳于仆仂仄 于 https://www.isaca.org/info/state-of-enterprise-risk- management-survey/index.html ∃P壬舒于仍仆仆 亳亰亳从舒仄亳 亠 仂仆 https://www.isaca.org/Knowledge- Center/Research/ResearchDeliverables/Pages/Mana ging-Third-Party-Risk.aspx ∃{壬于仗舒 亳亰亳从于 舒 弍亠亰仗亠从亳, 仂仍 https://www.isaca.org/Knowledge- Center/Research/ResearchDeliverables/Pages/Bridgi ng-the-Digital-Risk-Gap.aspx ∃仗亠舒亶仆 舒 从弍亠 亳亰亳从亳 仆舒仆仂于仂亞仂 亠从仂 https://www.bis.org/publ/work840.pdf https://managingrisktogether.orx.org/cyber-risk- programme 丐, 弌亊 丐 亊, 丐 2020-2030 Data Science DMBOK v.2 舒亠仄舒亳亠从舒 仆亳从仍仂仗亠亟亳 于 仗亳 仂仄舒, 1985 弌丐丐 丐 丶丶 EBA ICT Risk Guidelines Cybersecurity act (Regulation (EU) 2019/881) Cybersecurity Maturity Model Certification (CMMC) COBIT 2019 NIST SP 800-37r2 ISO 31000:2018 COSO ERM 2017 ISO 22301 亠仂亟仂仍仂亞 仄仂亟亠仍ミ火夷出術 仂仗仂舒亳于仆亠 仗舒于仍仆仆 亳亰亳从舒仄亳 丕仗舒于仍仆仆 亳亰亳从舒仄亳 亠仆仂仍仂亞亶
仆舒舒 仂仆仂仗仍仂于舒 舒 亰仆舒仆仆礆亳 舒 从舒亳仄亳 仗舒从亳从舒仄亳: https://www.facebook.com/Kyiv.ISACA/ CISA, CISA Trainer 亠亰亳亟亠仆 ISACA Kyiv 亳亠从仂 LLC UAG a.konopleva@isaca.org.ua a.konopleva@uag.kiev.ua +38(050)9570596 17 舒仄 于亳仆仂于从于 亊从 仗舒ム 仗舒于仍仆仆 亳亰亳从舒仄亳 于 仄仂于舒 仆亠于亳亰仆舒亠仆仂, 亰 仗亳从仍舒亟于 亰舒 20 仂从于: 舒 仂亰舒仆从仂仄 亳亰亳从于 : LLC UAG *https://www.weforum.org/agenda/2019/12/davos-manifesto-2020-the-universal- purpose-of-a-company-in-the-fourth-industrial-revolution/ 仂于亞亳亶 亞仂亳亰仂仆, 仄亠舒 弍亠亰仗亠从舒: 亰舒弍亠亰仗亠亶亠 亰仂弍仂于磶舒仆仆 亰舒 弍亟-磻亳 仄仂于. 丶仆舒 仂亰于亳仂从. 仂仂从亳亶 亞仂亳亰仂仆, 仄亠舒 于亳亟从亳亶 仗亳弍仂从: 舒亶亠 仄仂仄亠仆, 从仂仍亳 于亳亶亳. 丶仆舒 弍亠亰仗亠从舒. 仂于亞亳亶 亞仂亳亰仂仆, 仄亠舒 舒仍亳亶 仂亰于亳仂从*: 亰舒弍亠亰仗亠于舒亳 从亳亳仆亠, 仆舒从仂仗亳于舒亳 于 从仂仂从亳 亞仂亳亰仂仆舒, 于从仍舒亟舒亳 于 仆仆仂于舒. 舒于舒亳 亳亰亳从亳. 丶仆舒 仆舒亟仗亳弍从亳.

More Related Content

IS Risk Governance&Management

  • 1. 丕仗舒于仍仆仆 亳亰亳从舒仄亳 磻 于亳亰仆舒舒亳 仗仂亳亠亳 舒 仂从仗仆 仆于亠亳亶 于 亰 仂亞仍磲 仆舒 亳亰亳从亳 弍亰仆亠舒 1
  • 2. 丕仗舒于仍仆仆 亳亰亳从舒仄亳 仄亠仆亳亳 仆亠于亳亰仆舒亠仆 仗亳 亟仂磪仆亠仆仆 丐 2 ISO 31000:2018 COSO ERM 2017 弌丐 2019 于 仂仗亠舒 仗亳 仗亳亶仆 亠仆 于 弍亰仆亠-仗仂亠 于 亟磿仆仂 仂亞舒仆亰舒 仂仗亠舒 亠仆仆 弍亰仆亠-仗仂亠舒 亟磿仆仂 仂亞舒仆亰舒 仗仂于磶舒仆 亰 亳仆从仂仄, 从仂仆舒亞亠仆仂仄, 亠仆仂仍仂亞, 亠亞仍ミ火夷出術礆, 仍ミ莞湖出粧, 从舒仆仂, 仗仂仍亳从仂, 仗仂亞仂亟仂 WEF 2020
  • 3. 弌舒仆亠 丐 仂亞舒仆亰舒 亠亰仗亠从舒 3 束弌从仍舒亟仆舒 亳亠仄舒損, 亰舒 亰舒仄仂于舒仆仆礆 于亟从亳舒 仄舒亠仄舒亳仆亳亶 舒仗舒舒 仂舒亳仆亠 仄仂亟亠仍ミ火夷出術 仂亳仆舒 亰 于亳亰仆舒亠仆仆 仗亠亳仄亠 舒 仄舒 亞舒舒仆于舒亳 亶仂亞仂 于仄 亠亠仄仆仂于舒仆仂 亰舒 亰舒仄仂于舒仆仆礆 丼仂仄 亰舒舒亰 从仍舒亟仆仂?
  • 4. 4
  • 5. 舒 仗亳仂亟仂 舒仆亳 丐: 仗亠于仆亳亶 仄仂仄亠仆 舒 舒从亳于 仆舒仍亠亢亳 舒弍仂 仆亠 仆舒仍亠亢亳 亟仂 仗亠亳仄亠 弍亠亰仗亠从亳 亰舒仍亠亢仆仂 于亟 舒从舒仍仆仂 亞仗仂亠亰亳 仗仂 仂亰仗仂亟仍 于亳仗舒亟从仂于仂 于亠仍亳亳仆亳 5 仂弍仍亠仄舒 亰 亠亰仍舒舒仄亳 仂仆从亳 亳亰亳从于 从亳于 亰舒亞仂亰舒 于舒亰仍亳于 舒仍亟从亳, 亰于舒亢亠仆 仆舒 亶仄仂于仆 亠从仗仍仂亶 亳亰亳从 ISO, NIST, etc, 舒亰 仆舒 从 VUCA Volatility, Uncertainty, Complexity, Ambiquity 仂亟仆舒从仂于 亟 亟舒ム 亰仆 亠亰仍舒亳 仄舒亠仄舒亳从舒 亠亠亟仂于亳亠仗舒从亳从舒 从亳于
  • 6. 1. 从亳亳仆; 仆亠 仗舒ム 仂亞舒仆亰舒 仆亠仄舒 2. 亠亳仄亠 (value chain), 弍舒亰仂于 从仂仆仂仍 +亟仂亟舒从仂于 亰舒 仆舒磦仆仂 亠于 3. 仂亟舒从仂于 亠于亳 舒 仗仂从亳 - 亞亞仆舒 4.仂 亰仂于仆仆仄 (从仍仆亳, 仗舒仆亠亳, 亟亠亢舒于舒) 亠亶-从仂仆仂仍 亳亰亳从亳 亠 仂仆 舒 仆亳仄 1)仂仆亳亳 舒 2)仗亳亶仆亳/仆亳从仆亳 亳亰亳从 亠亰仗亠从舒 亰舒 仗仂亳亠舒仄亳 于 于亟从亳亶 亳亠仄 6 亳亳仆亳 仄舒仍仂 仆亠 于 弍舒亰舒, 舒 仂从亠仄 亟舒仆; 仆亠 于 仄亠亠亢舒, 舒 仆亠于亠仍亳从亳亶 亠亞仄亠仆; 仆亠 于 亳亠仄亳, 舒 仍舒仆ミ勤笑 value chain 亰舒 仂仆仂于仆亳仄 仗仂亟从仂仄 舒弍亠亰仗亠亠 弍亠亰仗亠亠于仆 从亳亳仆亳, 于 仂仄 亳仍, 仆亳仄亳 从仂仆仂仍礆亳 亳亰仆舒亠仆亳亶 仗亠亳仄亠 亟仍 亰舒仂于舒仆仆 舒仆亟舒于 弍亠亰仗亠从亳 ISO 22301 CIS controls CMMC
  • 7. 乂仂 仂弍亳亳 弍亠亰仗亠 于 仄仂于舒 仆亠于亳亰仆舒亠仆仂? 1. 亳亰仆舒亳亳 舒 亞舒舒仆于舒亳 从亳亳仆 亟磿仆 2. 亟亳仄于舒亳 亠亳 亟仍 仂亰于亳从, 仆亠 亰舒于舒亢舒亳 仗舒ミ火委亳 3. 弌舒于舒亳 仆仆仂于舒, 仗亳亶仄舒ム亳 亳亰亳从 7 亊从仂 亞仂亳亰仂仆 仗仍舒仆于舒仆仆 亟仂于亳亶 亳亢仆, 亠 仆亠 舒舒仗 ISO 22301 KING IV COBIT 2019 SAFe
  • 8. 亳亰仆舒舒仄仂 仗仂亳亠亳 (亰仆舒仄仂, 从亟亳 亶亟亠仄仂) 仗仂亠亳 舒 仗仂从亳, 磻 亰舒弍亠亰仗亠ム 亠舒仍亰舒 舒亠亞 磻 亟仂磪舒仄仂 仄亠 (舒亠亞) 亠, 亰舒 舒仆仂从 仂亞仂 亟仂磪舒仄仂 仄亠 (弍亰仆亠-仄仂亟亠仍) 亠舒 亟磿仆仂 仂亞舒仆亰舒 8 亠亳亶 仗仂亳亠 +亞亳亶 仗仂亳亠, 于 仗亠亳仄亠 +丐亠亶 仗仂亳亠 仂仍亳 亞仂亳亰仂仆 亟仂于亞亳亶, 亠弍舒 从仂仗仂舒亳于仆亠 仗舒于仍仆仆 ISO 9001 King IV COSO ICS ISO 38500
  • 9. 仆仆仂于舒 (仆亠 亰仆舒仄仂, 从亟亳 亶亟亠仄仂) 亠亰仗亠仆亠 亠亠亟仂于亳亠, 弍亠亰 亰舒亞仂亰亳 从亳亳仆仂仄 亠舒亶仆 仗仂亠亳, 亰 仆舒从仂仗亳亠仆仆礆 亟仂于亟 舒亟仍亳从仂于 亠亳, 弍仂 亠舒 亟舒仆 于舒仆仂 亰仗亳仆亳亳 9 仄亠亢舒 仂亞舒仆亰舒 PMBOK BABOK SAFe
  • 10. 仆从舒 亳亰亳从于 () 10 仍 仂亞舒仆亰舒; 舒仄 亟亠 仗仂 亢亳 仂从亠仄舒 仗舒于舒 亳仂亟仆 从舒舒仂亳 舒仆 仗仂弍仍亠仄 亰 亠仆仂仍仂亞礆亳 WEF 2020, long-term ISACA, 2019, 4500 亠仗仂仆亟亠仆于 58% 于仄ム 仍亠 亟仍 弍亰仆亠 - 亳 仆亠 仆舒亶亟仂仂亢亠 Allianz risk barometer 2020
  • 11. 仍从仆舒 仂仆从舒 亳亰亳从于 丼舒 仂仗仆 亳亠仄 亰舒 从亳亳仆亳仄亳 仗仂亠舒仄亳 丼舒 仆舒 仍从于亟舒 仆舒仍亟从于 仗仂亟亶 亳亰亳从 仂亠仆仆 亟亠亟仍舒亶仆于 亠亠亰 丐 (仂仗亠舒, 亟仂亞仂于仂亳, 亰于仆, 仗仂亟舒从亳) 仂 弌亠亠亟仆 于舒 亞仂亟亳仆亳 仗仂仂 仗仂亠舒 仗仍舒舒 仗舒 舒 仆亳 亠于, 于亳舒亠仆亳 仆舒 仍从于亟舒 仆舒仍亟从于 亠亟仂仂亳仄舒仆 亟仂仂亟亳, 舒亳, 仗亠仆 礆 于舒亳 于亟 仆亳亟亠仆于 仂亠仆仆 亟亠亟仍舒亶仆于 仗亳 仂亰仂弍 (time-to- market), 于从仍. 舒仂亳仆亞 亠亟仂仂亳仄舒仆 亟仂仂亟亳 11 舒 仗亳仆亳仗仂仄 亳仗仂于亳 仄亠仂亟于 仄仂亟亠仍ミ火夷出術 仆亠仆舒仆仂于亳 亳亰亳从于 于 亠从仂仆仂仄
  • 12. 仆仄亠仆亳 从仍从仆仂 仂仆从亳 亳亰亳从于 () BI 舒弍仂 仗舒于仍仆从舒 亰于仆 弌从仂亳仆亞亳 弌亠仆舒仆亳亶 舒仆舒仍亰 仆亳亟亠仆于 12 https://data-flair.training/blogs/data-science-tools/ https://www.first.org/cvss/calculator/3.1 https://www.enisa.europa.eu/topics/trainings-for-cybersecurity-specialists/online-training-material/documents/Exercise15CalculatorCIC.xlsx https://advisera.com/27001academy/free-tools/free-return-security-investment-calculator/ Excel ToolPak
  • 13. 亊从 仗舒ム 仆仄亠仆: 仂亰舒仆仂从 ROSI* 1- 亟仆 亟舒仆 2- SLE for DDoS 13 3-5- ALE 6- ROSI 亳仗亠仆仆 - 舒弍仂 * /AnastasiiaKonoplova/an-argument-for-budget-acceptancerosi-and-how-to-calculate-it 从仗仆 仆于亠亳亶 于 , 舒弍仂 亰舒 磻亳亶 舒 于舒仄 仗仂于亠仆 从仂亳, 于亳舒亠仆 仆舒 弍亠亰仗亠从
  • 14. 仂仍亳 亟仂仍仆仂 于仗仂于舒亟亢于舒亳 从仍从仆 仂仆从 亠仆仆 仗亳亶仄舒 从仂仍亠亞舒仍仆亳亶 仂亞舒仆 仂亰仗仂磲仆亳从 弍ミ莞勤却 仆亠 从仆亠于亳仄 弍亠仆亠舒仂仄 仍舒仆亳从 于亳 仆舒 仗亟舒于 仂弍从亳于仆亳 亟舒仆亳 仆仂仄舒亳于仆 于亳仄仂亞亳 CFO 仂ミ経出湖 14 ISO 9001 IFRS COSO ICF
  • 15. 仂仍亳 仆于亠亳 于 仆亠 仄舒ム 舒仆舒 亠于仗亠于仆亠仆 于 仆于舒仆仆/从仂仂从亳亶 亞仂亳亰仂仆 仗仂弍仆舒 仍从亳 磻仂 舒亠亞仆亠 亠仆仆 亟仂磪舒亳 于亳亰仆舒亠仆 仄亠 弍从亳于仆 仂弍仄亠亢亠仆仆 个仆舒仆仂于亳 亟亢亠亠仍 仆亠 于亳舒舒 亞仂亳亰仂仆 舒 亠于舒仂于舒仆 舒从仂亳 亳亰亳从亳 仄亠仆, 仆亢 于亳亟仆仂 亰 仗仂亰亳 弍亠亰仗亠从亳 (仆亠舒于仂仄舒亳亰仂于舒仆 仗仂亠亳, 仆 仆舒仗礆亳 亟磿仆仂 仂仂) 15 舒仆亞仍亶从 舒 亰亟仂弍于舒亶亠 亠仆仆 仆舒于亳从亳 亠 亠 亰仄仆
  • 16. 亢亠亠仍舒, 仆仂仄舒 亰 磻亳 亰舒仂仂于舒仆舒 仗亳 仗亟亞仂仂于 亟仂仗仂于亟 16 丐亠仆亟亳 舒 仂亞仍磲亳 弍亠亰仗亠从亳 ∃舒仂于舒仆仆 从弍亠亰弍仂 于 2020 https://www.forbes.com/sites/steveandriole/2020 /01/14/cyberwarfare-will-explode-in-2020- because-its-cheap-easy-- effective/#2cf129226781 ∃∃笑-10 仆舒亶亞亳 从弍亠舒舒从 亟亠亳 https://www.controlglobal.com/blogs/off-site- insights/top-10-worst-cyber-attacks-of-the- decade/ ∃亳舒亶, MLPS 2.0 从仂仆仂仍 仆亠仆亠舒 https://www.reedsmith.com/en/perspectives/201 9/10/mlps-20-chinas-enhanced-data-security- multi-level-protection 仍仂弍舒仍仆 亠仆亟亳 舒 舒亠亞 仂亟仂 亠仆仂仍仂亞亶, 舒亠亞仆亳亶 于亠仆 World economic forum Global risk report 2020 https://www.weforum.org/reports/the-global- risks-report-2020 The Age of Digital Interdependence: Report of the UN Secretary-Generals High-level Panel on Digital Cooperation. June 2019. https://digitalcooperation.org/wp-con- tent/uploads/2019/06/DigitalCooperation-re-port- web-FINAL-1.pdf ∃∃却仆仂仍仂亞仆 亠仆亟亳 2020 https://www.gartner.com/en/newsroom/press- releases/2019-10-21-gartner-identifies-the-top- 10-strategic-technology-trends-for-2020 ∃亳亰亳从亳 弍亰仆亠 于亟 舒仂于亳从舒 https://www.agcs.allianz.com/news-and- insights/reports/allianz-risk-barometer.html 丐亠仆仂仍仂亞仆 亠仆亟亳 2025-2035 亰 仗亳从仍舒亟舒仄亳 https://tci.agcs.allianz.com/ 舒从亳从舒 仗舒于仍仆仆 亳亰亳从舒仄亳 亠仆仂仍仂亞亶 ∃舒从亳从舒 仗舒于仍仆仆 亳亰亳从舒仄亳 于 从仂仗仂舒亳于仆仂仄 于 https://www.isaca.org/info/state-of-enterprise-risk- management-survey/index.html ∃P壬舒于仍仆仆 亳亰亳从舒仄亳 亠 仂仆 https://www.isaca.org/Knowledge- Center/Research/ResearchDeliverables/Pages/Mana ging-Third-Party-Risk.aspx ∃{壬于仗舒 亳亰亳从于 舒 弍亠亰仗亠从亳, 仂仍 https://www.isaca.org/Knowledge- Center/Research/ResearchDeliverables/Pages/Bridgi ng-the-Digital-Risk-Gap.aspx ∃仗亠舒亶仆 舒 从弍亠 亳亰亳从亳 仆舒仆仂于仂亞仂 亠从仂 https://www.bis.org/publ/work840.pdf https://managingrisktogether.orx.org/cyber-risk- programme 丐, 弌亊 丐 亊, 丐 2020-2030 Data Science DMBOK v.2 舒亠仄舒亳亠从舒 仆亳从仍仂仗亠亟亳 于 仗亳 仂仄舒, 1985 弌丐丐 丐 丶丶 EBA ICT Risk Guidelines Cybersecurity act (Regulation (EU) 2019/881) Cybersecurity Maturity Model Certification (CMMC) COBIT 2019 NIST SP 800-37r2 ISO 31000:2018 COSO ERM 2017 ISO 22301 亠仂亟仂仍仂亞 仄仂亟亠仍ミ火夷出術 仂仗仂舒亳于仆亠 仗舒于仍仆仆 亳亰亳从舒仄亳 丕仗舒于仍仆仆 亳亰亳从舒仄亳 亠仆仂仍仂亞亶
  • 17. 仆舒舒 仂仆仂仗仍仂于舒 舒 亰仆舒仆仆礆亳 舒 从舒亳仄亳 仗舒从亳从舒仄亳: https://www.facebook.com/Kyiv.ISACA/ CISA, CISA Trainer 亠亰亳亟亠仆 ISACA Kyiv 亳亠从仂 LLC UAG a.konopleva@isaca.org.ua a.konopleva@uag.kiev.ua +38(050)9570596 17 舒仄 于亳仆仂于从于 亊从 仗舒ム 仗舒于仍仆仆 亳亰亳从舒仄亳 于 仄仂于舒 仆亠于亳亰仆舒亠仆仂, 亰 仗亳从仍舒亟于 亰舒 20 仂从于: 舒 仂亰舒仆从仂仄 亳亰亳从于 : LLC UAG *https://www.weforum.org/agenda/2019/12/davos-manifesto-2020-the-universal- purpose-of-a-company-in-the-fourth-industrial-revolution/ 仂于亞亳亶 亞仂亳亰仂仆, 仄亠舒 弍亠亰仗亠从舒: 亰舒弍亠亰仗亠亶亠 亰仂弍仂于磶舒仆仆 亰舒 弍亟-磻亳 仄仂于. 丶仆舒 仂亰于亳仂从. 仂仂从亳亶 亞仂亳亰仂仆, 仄亠舒 于亳亟从亳亶 仗亳弍仂从: 舒亶亠 仄仂仄亠仆, 从仂仍亳 于亳亶亳. 丶仆舒 弍亠亰仗亠从舒. 仂于亞亳亶 亞仂亳亰仂仆, 仄亠舒 舒仍亳亶 仂亰于亳仂从*: 亰舒弍亠亰仗亠于舒亳 从亳亳仆亠, 仆舒从仂仗亳于舒亳 于 从仂仂从亳 亞仂亳亰仂仆舒, 于从仍舒亟舒亳 于 仆仆仂于舒. 舒于舒亳 亳亰亳从亳. 丶仆舒 仆舒亟仗亳弍从亳.