ORGANIZATION OF THE DIGITAL INFORMATION PROTECTION SYSTEM IN FINANCIAL ACCOUNTING
DOI:
https://doi.org/10.29038/2786-4618-2024-04-72-81Keywords:
Organization of information security, digital data of financial accounting, cyber security.Abstract
Abstract. Introduction. The constant development of technologies, changing forms of threats and the need to adapt to new conditions will require organizations to constantly improve their security systems.
The purpose of this work is to systematize theoretical provisions and substantiate practical recommendations regarding the organization of protection of digital financial accounting data.
Methods. In the process of research, the method of induction was used at the stage of collecting, processing and systematization of the received information, the method of analysis and synthesis - to combine the constituent elements of economic phenomena in a single process.
Results. The essential characteristics of the concepts of information security, digital security and data cyber security in the context of economic security of the enterprise are revealed. A set of measures in the system of organizing digital security of financial accounting data has been identified. National and international legal acts, standards and recommendations define mandatory requirements for data storage, processing and transmission, thus providing a legal basis for the implementation of information security policies. The main directions of state policy in the field of information security have been determined. The state in which business entities currently work is accompanied by constant cyber-attacks both on the enterprises themselves and on the totality of their digital data in the field of accounting and taxation. The main measures to ensure cyber security for critical infrastructure enterprises have been determined. They singled out the main problems of digital information protection in accounting, namely: data leakage; software attacks; phishing and social engineering; malware. The main methods of preventing cyber threats are summarized. Recommendations on the organization of the system for ensuring the security of digital data in financial accounting have been formed. The actions of the accounting staff of the enterprise or the enterprise of the partner, which may create a threat of information leakage, are singled out. A set of information sources in need of protection has been identified.
Conclusions. The digital information protection system should become an element of the company's accounting policy, and its implementation will contribute to the economic security of the business entity.
References
1. Borymsʹka, K. P. (2013). Zakhyst bukhhaltersʹkoyi informatsiyi v oblikoviy politytsi z metoyu opodatkuvannya: orhanizatsiyni aspekty [Protection of accounting information in the accounting policy for taxation purposes: organizational aspects]. Zbirnyk naukovykh pratsʹ Natsionalʹnoho universytetu derzhavnoyi podatkovoyi sluzhby Ukrayiny – Collection of scientific works of the National University of the State Tax Service of Ukraine. 2. 14-21. Retrieved from http://nbuv.gov.ua/UJRN/znpnudps_2013_2_4 [in Ukrainian].
2. Buldyzhov, V. Kiberbezpeka, IB, bezpeka IT – u chomu riznytsya? [Cyber security, IS, IT security - what's the difference?]. Retrieved from https://www.h-x.technology/ua/blog-ua/infosec-itsec-cybersecurity-defference-ua [in Ukrainian].
3. Vasylishyn, S. I. (2020). Oblikovo-analitychne zabezpechennya v systemi ryzykiv ta zahroz ekonomichnoyi bezpeky ahrarnykh pidpryyemstv Ukrayiny [Accounting and analytical support in the system of risks and threats to the economic security of agricultural enterprises of Ukraine]. Kharkiv: Madrid Printing House. 419 p. [in Ukrainian].
4. Hnylytsʹka, L. V. (2022). Oblikovo-analitychne zabezpechennya ekonomichnoyi bezpeky pidpryyemstva [Accounting and analytical provision of economic security of the enterprise]. Kyiv: KNEU. 305 p. [in Ukrainian].
5. Denʹha, S. M. (2004). Zakhyst informatsiyi v komp`yuternykh informatsiynykh systemakh bukhhaltersʹkoho obliku [Protection of information in computer accounting information systems]. Bukhhaltersʹkyy oblik i audyt – Accounting and auditing. 5. 59-65. [in Ukrainian].
6. Zhyvko, Z. B. (2018). Zakhyst informatsiynykh resursiv v upravlinni systemamy ekonomichnoyi bezpeky pidpryyemstva [Protection of information resources in the management of enterprise economic security systems]. Ekonomichnyy prostir – Economic space. 17. 166-173. [in Ukrainian].
7. Kulynych, M. B., Fatenok-Tkachuk, A. O. & Melʹnyk, K. P. (2021). Oblik, analiz, audyt i opodatkuvannya v upravlinni rozvytkom subʺyektiv hospodaryuvannya cherez pryzmu tsyfrovizatsiyi [Accounting, analysis, audit and taxation in the management of the development of economic entities through the prism of digitalization]. Lutsk: Vezha-Druk. 170 p. [in Ukrainian].
8. Nastanovy z kiberbezpeky vid ekspertiv [Guidelines on cyber security from experts] . Retrieved from surl.li/lfoaiz [in Ukrainian].
9. Resolution of the Cabinet of Ministers "On Approval of General Requirements for Cyber Protection of Critical Infrastructure Objects" № 518 (19.06.2019). Retrieved from https://zakon.rada.gov.ua/laws/show/518-2019-%D0%BF#Text [in Ukrainian].
10. Law of Ukraine "On the Basic Principles of Cyber Security of Ukraine". Document 2163-VIII. (05.10.2017). Retrieved from http://zakon.rada.gov.ua/laws/show/2163-19. [in Ukrainian].
11. Law of Ukraine "On the National Security and Defense Council of Ukraine". Information of the Verkhovna Rada of Ukraine (VVR), 1998, No. 35, Article 237. (13.07.2023) document 3223-IX. . Retrieved from https://zakon.rada.gov.ua/laws/show/3223-20#n59 [in Ukrainian].
12. Fatenok-Tkachuk, A. O. (2018). Oblikovo-analitychne zabezpechennya biznes-protsesiv pidpryyemstva [Accounting and analytical support of business processes of the enterprise]. Луцьк : Вежа-Друк. 200 p. [in Ukrainian].
13. Fatenok-Tkachuk, A., Skoruk O., Yanush, R., & Zakharchuk I. (2024). Vykorystannya shtuchnoho intelektu v oblikovo-analitychnykh protsesakh [Use of artificial intelligence in accounting and analytical processes]. Ekonomichnyy chasopys VNU im. Lesi Ukrayinky – Economic Journal of Lesya Ukrainka Volyn National University. 2. 21–29. . Retrieved from https://doi.org/10.29038/2786-4618-2024-02-21-29. [in Ukrainian].
14. BILL Spend & Expense (Formerly Divvy). BILL | Financial Operations Platform for Businesses & Firms. Retrieved from https://www.bill.com/product/spend-and-expense [in English].
15. Botkeeper | Bookkeeping for Accounting Firms. Botkeeper | Bookkeeping for Accounting Firms. Retrieved from https://www.botkeeper.com/ [in English].
16. Ehioghiren, E. E., Ojeaga J. O. (2022)/ Cloud-based Accounting Technologies: Preparing Future-Ready Professional Accountants. International Journal of Innovative Science and Research Technology. 7, 2. Retrieved from https://ijisrt.com/assets/upload/files/IJISRT22FEB658.pdf [in English]/
17. Fahmi, M., Muda, I. & Kesuma S. A.(2023)/ Digitization Technologies and Contributions to Companies towards Accounting and Auditing Practices. International Journal of Social Service and Research. 3. 3. Retrieved from https://doi.org/10.46799/ijssr.v3i3.298 [in English].
18. Financial Operations: Bookkeeping For Modern Startups. Financial Operations: Bookkeeping For Modern Startups. Retrieved from https://www.zeni.ai/ [in English].
19. Gridlex Sky Accounting, Expenses & ERP Software. Gridlex - CRM, Help Desk, HRMS, Expenses, Accounting &ERP. Retrieved from http://surl.li/nordxy [in English].
20. ISO/IEC 27001:2022. Information security, cyber security and privacy protection - Information security management systems - Requirements. Retrieved from https://www.iso.org/standard/27001 [in Ukrainian].
21. Zadorozhnyi, Z. -M., Desyatnyuk, O., Muravskyi, V.& Shevchuk, O. (2023).Combination of Digital Twin Technology and FinOps in Management Accounting Modeling 2023 13th International Conference on Advanced Computer Information Technologies (ACIT), Wrocław, Poland. pp. 352-356. Retrieved from doi: 10.1109/ACIT58437.2023.10275621 [in English].
22. Kaspersky Endpoint Security / Bitdefender / Symantec Endpoint Protection. Retrieved from http://surl.li/cphfqw [in English].
23. Splunk / SolarWinds / Nagios Retrieved from http://surl.li/feudxm [in English].
24. Veeam Backup & Replication / Acronis Backup / Commvault. . Retrieved from http://surl.li/yedkva [in English].
25. VeraCrypt / BitLocker / PGP (Pretty Good Privacy). Retrieved from https://en.wikipedia.org/wiki/Pretty_Good_Privacy[in English].
This work is licensed under a 