Failure to comply with IS rules in the present-day business world results in confidential data leaks and deteriorates the company's market reputation. Compliance with IS rules for an organization means protection of any information within the scope of its activities. Storage and processing of some information types are regulated by Russian laws:

• Federal Law of the Russian Federation No. 152-FZ dated July 27, 2006, "On Personal Data" to set forth the rules for processing and ensuring the security of personal data
• Federal Law of the Russian Federation No. 187-FZ dated July 26, 2017, "On the Safety of the Critical Infrastructure of the Russian Federation"
• Federal Law of the Russian Federation No. 98-FZ dated July 29, 2004, "On Commercial Secrets"
• Federal Law of the Russian Federation No. 5485-1 dated July 21, 1993, "On State Secrets"

Audits are conducted to evaluate the security level of the company infrastructure and compliance with IS standards. During the audits, the following elements are analyzed:

• Information the enterprise stores and processes
• The software used for information processing
• IT resources the information is stored on
• Channels used for transferring the information
• Means for physical protection of the information

Solution benefits:

IS incidents result in financial and reputational damage to organizations. Audits of the information infrastructure security level make it possible to identify its vulnerabilities and develop a plan for their elimination to mitigate the risk of an IS incident.