Program methods for developing recommendations in expert audit of information systems

Conducting peer review in the analysis and assessment of information security risks is one of
the relevant and constantly used methods in organizations. Obtaining competently compiled
recommendations related directly to the considered direction of the organization’s work is one of
the keys to reducing and preventing possible risks. In this paper, unique recommendations will be
considered and presented for input parameters selected and combined into one large database
from already used methods, based on the considered methods for analyzing and assessing information security risks in [1 3], as well as regulations, the legal framework and the necessary measures to detect, prevent and eliminate information security risks in organizations