Development of a method for assessing the level of security of multicomponent corporate information systems

Any modern company needs to ensure high-quality management of information security processes due to the spread of cyberattacks on organizations and the emergence of new threats. This requires the use of the most accurate set of metrics to assess the security indicators of the information system. components Information systems used in companies are multicomponent and include dozens of objects and a significant number of links between them. These implementation features must be taken into account when assessing security and designing an information security system. The existing security assessment methods do not fully take into account the features of the structure of the information system, focusing only on the implementation of individual data protection measures and the presence of specific security tools in the analyzed systems without taking into account the configuration options for the links between each of the elements of the particular system. This article discusses the implementation of a method for assessing the security level of multicomponent corporate information systems, taking into account their structure and configuration of individual security elements. The proposed assessment method can be implemented for companies of various sizes and a wide range of areas of activity, as well as for companies with a distributed corporate information infrastructure.