EVALUATION OF THE EFFECTIVENESS OF THE INFORMATION SECURITY SYSTEM

The article discusses a methodological approach to building models for evaluating the
effectiveness of programs (projects) for creating or upgrading an information security system inorder to ensure the stability and competitiveness of a company in the face of increasing threats to violate the integrity, confidentiality, availability and reliability of information that is essential for its
activities. At the same time, the effectiveness of programs (projects) is understood as the degree of
use of the opportunities allocated for their implementation of material, intangible and temporary
resources to achieve the goals. In the mathematical formalization of the generalized performance
indicator, it is taken into account that the implementation of technical, technological, organizational
and other elements (activities) included in this program (project) is accompanied by the impact of
many random factors affecting the achievement of their particular goals. The proposed generalized
indicator provides a dominant assessment of the effectiveness of programs (projects), taking into
account the risks in their implementation.