Subject. This article focuses on the issues related to the audit of information systems and cybersecurity. Objectives. The article aims to determine the key areas of legal regulation of information security audit, taking into account the requirements of the time, technical capabilities and digital transformations taking place in society and the global space. Methods. For the study, we used a case study method, analysis, computational and graphical method, data systematization, and the ecosystem approach. Results. The article identifies gaps in the methodological framework and statutory regulation of the audit of information systems, substantiates the need for systematization and further development of the legislative framework for the audit of information security, and identifies the objects of information technologies that require special attention. It proposes to make certain changes to the Federal Law On Auditing regarding the introduction of information security checks of business entities into the list of other services, as well as develop standards for government auditing, which will unify this type of activity. Conclusions and Relevance. The number of cybercrimes is steadily growing, and this is due to both the widespread digitalization of ecosystems and the high level of technical and intellectual training of persons committing fraudulent actions. Ensuring the information security of economic entities and government agencies is impossible without conducting an audit that reduces the risk of cyber threats. The results of the study can be used to develop the regulatory framework for the audit of information systems, as well as for further scientific research and practical application.
Keywords: cyber threats, information protection, information systems audit, statutory regulation
References:
Selezneva I.P., Sitnov A.A. [Audit in the context of digitalization of the Russian economy: risks, opportunities, and limitations]. Problemy ekonomiki i yuridicheskoi praktiki = Economic Problems and Legal Practice, 2020, vol. 16, no. 4, pp. 98–103. URL: Link (In Russ.)
Makarenko S.I. [Audit of information security – the main stages, conceptual framework, classification of types]. Sistemy upravleniya, svyazi i bezopasnosti, 2018, no. 1, pp. 1–29. (In Russ.) URL: Link
Kashirskaya L.V., Zurnadzh'yants Yu.A. [Objects of information security audit and directions of their verification]. Auditor, 2022, vol. 8, no. 1, pp. 21–31. URL: Link (In Russ.)
Bulyga R.P., Safonova I.V. [Transformation of audit methodology with the use of Blockchain and DLT technologies]. Uchet. Analiz. Audit = Accounting. Analysis. Auditing, 2021, vol. 8, no. 5, pp. 6–13. (In Russ.) URL: Link
Safonova M.F., Kisilevich T.I. [Transformation of information and analytical audit support during the digitalization of economic and accounting systems]. Mezhdunarodnyi bukhgalterskii uchet = International Accounting, 2022, vol. 25, iss. 7, pp. 780–805. (In Russ.) URL: Link
Odintsova T.M. [Accounting: Development and transformation in the context of contemporary challenges]. Mezhdunarodnyi bukhgalterskii uchet = International Accounting, 2021, vol. 24, iss. 10, pp. 1162–1187. (In Russ.) URL: Link
Druzhilovskaya T.Yu. [Digitalization and artificial intelligence in accounting: Achievements and prospects]. Mezhdunarodnyi bukhgalterskii uchet = International Accounting, 2023, vol. 26, iss. 5, pp. 500–521. (In Russ.) URL: Link
Soboleva G.V., Zuga E.I., Popova I.N. [Availability and relevance of digital competencies for audit]. Audit, 2021, no. 4, pp. 17–21. URL: Link (In Russ.)
Anisimova S.V. [Development of the company's internal audit system in the conditions of the digital economy]. Upravlencheskii uchet = Management Accounting, 2023, no. 8, pp. 368–373. (In Russ.) URL: Link
Kurnykina O.V. [Audit in the context of digitalization: problems and prospects]. Auditor, 2023, vol. 9, no. 5, pp. 8–14. (In Russ.) URL: Link
Meshcheryakova V. [From chaos to order: the information security audit market]. BIS Journal, 2021, no. 2, pp. 34–36. URL: Link (In Russ.)
Ivanchenko V.V. [IT audit]. Vestnik Moskovskogo finansovo-yuridicheskogo universiteta MFYuA = Herald of Moscow University of Finances and Law MFUA, 2015, no. 1, pp. 181–188. URL: Link (In Russ.)
Koz'minykh S.I., Koz'minykh P.S. [Information security audit]. Vestnik Moskovskogo universiteta MVD Rossii = Vestnik of Moscow University of the Ministry of Internal Affairs of Russia, 2016, no. 1, pp. 181–186. (In Russ.) URL: Link
Yakimova V.A. [Opportunities and prospects for using digital technologies in auditing]. Vestnik Sankt-Peterburgskogo universiteta. Ekonomika = St. Petersburg University Journal of Economic Studies, 2020, vol. 36, no. 2, pp. 287–318. (In Russ.) URL: Link
Shumilova V.V. [The digital ruble of the Bank of Russia as a new form of national currency]. Legal Concept, 2022, vol. 21, no. 2, pp. 156–162. (In Russ.) URL: Link
Andryushin S.A. [Digital currency of the Central Bank as the third form of money of the State]. Aktual'nye problemy ekonomiki i prava = Actual Problems of Economics and Law, 2021, vol. 15, no. 1, pp. 54–76. (In Russ.) URL: Link
Berdyshev A.V., Silant'eva V.G. [Prospects for the development of the Russian monetary system based on the digital ruble]. Finansovye rynki i banki = Financial Markets and Banks, 2022, no. 8, pp. 37–39. URL: Link (In Russ.)
Ivanushchenko A.V., Plyusnina E.A., Yatsyk A.A. [Digitalization of the national currency: world and domestic experience]. Ekonomika. Pravo. Innovatsii = Economics. Law. Innovation, 2021, no. 2, pp. 4–11. URL: Link (In Russ.)
Kozmenkova S.V., Klychova G.S. [An economic expert analysis of funds in the context of digitalization: Some considerations]. Daidzhest-Finansy = Digest Finance, 2023, vol. 28, iss. 3, pp. 255–270. (In Russ.) URL: Link