INFORMATION SECURITY OF THE ORGANIZATION AS A FACTOR FOR STRENGTHENING THE EMPLOYER BRAND
Abstract
The article examines the relevance of forming and strengthening the employer's brand in the context of increased competition for talent and growing risks in the field of information security in the context of a full-scale war. Objective. The object is international information security standards in Ukraine and strengthening the employer’s brand. Methods of scientific knowledge: descriptive, abstract-logical, generalization, comparison. Results. The authors identified the key elements that are the basis of the employer brand, taking into account information security requirements. It is noted that the main direction of ensuring information security is the creation of a complex system of information protection, which includes a complex of technical and organizational measures. The issues of certification of information security management systems as an indicator of the effectiveness of management of the organization's business processes, information risks, stability, and reliability of the company's development are considered. A sequence of actions for the implementation of information security standards and a system of metrics for evaluating the effectiveness of information security standards as factors for strengthening the employer's brand are proposed. The paper substantiates that when forming the employer's value proposition (EVP) it is advisable to add compliance with information security standards to the set of advantages. Scientific novelty. For the implementation of information security standards in order to strengthen the company's employer brand, an algorithm is proposed, which consists of the following stages: 1. Assessment of the company's need for information security. 2. Determination of risk zones. 3. Development of an implementation plan. 4. Organization of training. 5. Creation of a checklist for compliance with information security standards in all divisions. Practical significance. To evaluate the effectiveness of the implementation of information security standards, the following metrics are proposed: 1. The number of security breaches. 2. Recovery time. 3. The number of employees who have undergone appropriate training. 4. Number of viruses and malware. Demonstrating a secure work environment and ensuring that employees' personal data is protected is an important aspect of an effective EVP that meets information security requirements.
References
Фірсова С. Г., Кожухівська А. О. Стратегічні аспекти управління брендом роботодавця. Ефективна економіка. 2020. № 9. URL: http://www.economy.nayka.com.ua/?op=1&z=8178 https://doi.org/10.32702/2307-2105-2020.9.51
Gontareva I., & Tymoshenko K. (2020) Methodical approach to the employer’s brand analysis on the case of it-companies. Social Economics, No. 58, p. 59–69. DOI: https://doi.org/10.26565/2524-2547-2019-58-08
Buchelt B., Ziębicki B., Jończyk J. et al. The enhancement of the employer branding strategies of Polish hospitals through the detection of features which determine employer attractiveness: a multidimensional perspective. Hum Resour Health 19, No. 77 (2021). DOI: https://doi.org/10.1186/s12960-021-00620-0
Biedenbach G., Biedenbach T., Hultén P. et al. Organizational resilience and internal branding: investigating the effects triggered by self-service technology. J Brand Manag No. 29, p. 420–433 (2022). DOI: https://doi.org/10.1057/s41262-022-00275-9
Вимоги до захисту інформації в інформаційних системах у воєнний час: розʼяснення Держспецзв'язку» URL: https://www.kmu.gov.ua/news/vymohy-do-zakhystu-informatsii-v-informatsiinykh-systemakh-u-voiennyi-chas-roziasnennia-derzhspetszviazku
Закон України “Про захист інформації в інформаційно-комунікаційних системах” URL: https://ips.ligazakon.net/document/Z008000?an=4764
Про затвердження Положення про державну експертизу у сфері технічного захисту інформації. Наказ Адміністрації Державної служби спеціального зв'язку та захисту інформації України від 16 травня 2007 року N9. URL: https://ips.ligazakon.net/document/RE14087].
GDPR General Data Protection Regulation URL: https://gdpr-info.eu/#:~:text=General%20Data%20Protection%20Regulation%20GDPR
HIPAA. URL: https://www.hhs.gov/hipaa/for-professionals/privacy/index.html.
PCI DSS. URL: http://surl.li/htaad
Firsova S.H., Kozhukhivsʹka A.O. (2020) Stratehichni aspekty upravlinnya brendom robotodavtsya. [Strategic aspects of employer brand management]. Efektyvna ekonomika. No. 9. Available at: http://www.economy.nayka.com.ua/?op=1&z=8178 https://doi.org/10.32702/2307-2105-2020.9.51
Gontareva I., & Tymoshenko K. (2020) Methodical approach to the employer’s brand analysis on the case of it-companies. Social Economics, No. 58, 59–69. DOI: https://doi.org/10.26565/2524-2547-2019-58-08
Buchelt B., Ziębicki B., Jończyk J. et al. (2021) The enhancement of the employer branding strategies of Polish hospitals through the detection of features which determine employer attractiveness: a multidimensional perspective. Hum Resour Health 19, No. 77 (2021). DOI: https://doi.org/10.1186/s12960-021-00620-0
Biedenbach G., Biedenbach T., Hultén P. et al. (2022) Organizational resilience and internal branding: investigating the effects triggered by self-service technology. J Brand Manag, No. 29, p. 420–433. DOI: https://doi.org/10.1057/s41262-022-00275-9
Vymohy do zakhystu informatsiyi v informatsiynykh systemakh u voyennyy chas: rozʼyasnennya Derzhspetszv'yazku» Available at: https://www.kmu.gov.ua/news/vymohy-do-zakhystu-informatsii-v-informatsiinykh-systemakh-u-voiennyi-chas-roziasnennia-derzhspetszviazku]
Zakon Ukrayiny “Pro zakhyst informatsiyi v informatsiyno-komunikatsiynykh systemakh” Available at: https://ips.ligazakon.net/document/Z008000?an=4764
Pro zatverdzhennya Polozhennya pro derzhavnu ekspertyzu u sferi tekhnichnoho zakhystu informatsiyi. Nakaz Administratsiyi Derzhavnoyi sluzhby spetsialʹnoho zv'yazku ta zakhystu informatsiyi Ukrayiny vid 16 travnya 2007 roku N9. Available at: https://ips.ligazakon.net/document/RE14087.
GDPR General Data Protection Regulation Available at: https://gdpr-info.eu/#:~:text=General%20Data%20Protection%20Regulation%20GDPR
HIPAA. Available at: https://www.hhs.gov/hipaa/for-professionals/privacy/index.html.
PCI DSS. Available at: http://surl.li/htaad
