Leta constructed a cybersecurity management system for Irkut corporation

The Leta company announced project completion on creation of the highly effective and balanced information security management system (ISMS) in Irkut corporation according to requirements and the recommendations of the international standard ISO/IEC 27001:2005.

For Irkut corporation — one of the key companies of the Russian aircraft industry — the protected information structure is the key to successful performance and a goodwill, says Leta. According to the results of the analysis of offers specialists of holding stopped the choice on Leta company as on already proved enhanced service provider in information security field. In a work progress the complex assessment of security of data assets of Irkut corporation was carried out. Specialists of Leta analyzed information security systems on compliance to requirements of the international standard ISO/IEC 27001.

Based on inspection to the customer complex measures for improvement of SUIB were proposed, and on their basis the corporate standard on management of cybersecurity was developed. Also more than 20 documents according to requirements of ISO 27001:2005 and the recommendations of ITIL are prepared (library the practician on management to IT processes).

The performed works allowed Irkut corporation to create accurate requirements to information security, to make integration of cybersecurity into processes of IT based on world practices of ITIL and ISO 27001, to carry out convenient automation of monitor processes of SUIB, to distribute responsibility between divisions of cybersecurity and IT, to lift questions of information security to the level of the management of corporation and based on processes of SUIB to initiate necessary projects on increase in the cybersecurity level.

"We are happy with a project deliverable on creation of complex SUIB according to requirements of the international standard ISO/IEC 27001 implemented by Leta company — the vice president Irkut corporation on administrative matters and security Mikhail Shkapyak noted. — For us it is a major step in the direction of development of information security and compliance of its status to international standards and the best practices in this area. During the project the high levels of information security support both organizationally, and technically were reached and also the foundation for further development was laid. It should be noted that owing to the comprehensiveness this project considerably facilitated our work on the majority of the current tasks in information security field".

According to Andrey Konusov, the CEO of Leta company, the project is significant both for Irkut corporation, and for Leta. "The most important conditions of security are the legality, sufficiency, respect for balance of interests of the personality and the enterprise, high professionalism of the employees dealing with issues cybersecurity, training of users and observance of all statutory rules of preserving of confidentiality by them, the cross liability of personnel and management, interaction with the state law enforcement agencies. Without observance of these conditions no information security system can provide the required level of protection. We express gratitude to the staff of Irkut corporation taking active part in implementation of this project. Thanks to fruitful team work we managed to develop an effective set of the regulating documents regulating processes of SUIB".