Quality and information security management systems integration issues

Following the trend of more frequent cases of unauthorized access to data, as well as the dynamic growth of the volume of information, a reliable information security system is needed. Although quality management system and information technology are not closely related areas these days, quality principles can be applied to data protection. This article reveals the topic of the specifics of information security, describes the theory of quality management, provides examples of the impact of joint work of quality and cybersecurity departments. Also, the principles of quality are listed and the concept of quality assurance is disclosed, its effect in relation to information technology. This work contains a list of tests performed by the data protection department, such as penetration tests, security audits and others, and what role these tests play in the quality management system. Various quality tools, such as statistical methods and a risk matrix, and a way to measure risk are illustrated. In addition, this article analyzes the prospects for integrating quality management systems and information security and provides basic recommendations for organizing the work of these two areas.