Development of a matrix method for the assessment of information and economic security of an industrial enterprise

The article focuses on the problem of the assessment of the state of industrial enterprise’s economic and information security. The purpose of the research is to develop an scoring matrix for information and economic security of an industrial enterprise. The paper presents the necessary economic indicators and their normative values. It also presents the criteria for assessing information security, illustrates the developed matrix and defines development strategies for each element. More over, it describes the algorithm for the use of the matrix. The scientific novelty of the paper is in the development of a matrix that assesses both the economic activity and information of an industrial enterprise in order to determine the priority direction of the development. As a result of the work, the authors present a matrix of information and economic security of an industrial enterprise with individual development strategies for each element. The results of the study will be useful for industrial enterprises not only to analyze their activities, but also to determine the directions of further development.


Introduction
In modern conditions of repeating economic crises, an ever-growing number of competitors, deep penetration of the information environment into business, it is very important to monitor the state of information and economic security of an enterprise in order to change the development strategy in time [1]. The article focuses on the problem of the assessment of the state of industrial enterprise's economic and information security in order to determine ineffectively functioning elements of an enterprise and provide a development strategy on this basis. The main purpose is to develop the scoring matrix for information and economic security of an industrial enterprise. The fundamental research methods are the method of analysis and graphic interpretation of information.
The issue of differentiation of types of security was studied by such authors as A.A. Khachaturyan, V.N. Ageeva [2]. Ponomareva S. V. indicates the need to clarify the term digital security in the legislation, since there is no basic concept of it [3]. I.D. Kamskova proposed the stages of implementation of the information security system at enterprises and systematized the requirements for information security systems [4]. Some authors pay attention to such a topic as the information aspect of economic security [5,6,7,8,9].
There are many authors involved in the development of scoring matrices. For example, I. Ansoff developed Ansoff's strategic matrix designed to determine the tactics and strategy of product positioning on the market [10]. G. Schwartz and S. Davis presented a matrix of cultural risk assessment, revealing the level of risk of the use of a particular strategy in the context of the existing culture in a company [11].
A. Veretennikova, E. Popov and Zh. Omonovs have developed a matrix for evaluating the effectiveness of social innovations. This matrix helps to determine the features with which the development of social innovations is taking place. [12]. I. Lipsits offers a marketing assesment matrix as a marketing tool in the analysis and development of commercial policy [13]. There is also a BCG matrix developed by the Boston Consulting Group led by Bruce Henderson, which served as a model for the development of the matrix proposed by the authors [14].

Matrix of information and economic security of an industrial enterprise
The authors of this paper developed the scoring matrix of information and economic security of an industrial enterprise. The matrix presented in Figure 1 is based on assessments of the economic and information security of an enterprise.
In order to develop a matrix, it is necessary to designate two axes (from the origin): the vertical axis (economic security) and the horizontal axis (information security). Each axis is divided into two equal parts. One part corresponds to low indicators of information and economic security, while the other corresponds to high indicators. After the calculations and entering the results into the matrix, an industrial enterprise will be able to refer itself to one of the matrix elements: «star», «square», «circle», «triangle». Consequently, each element of the matrix has its own development strategies: • «Star»-these are enterprises with a positive assessment of information and economic security, they need to hold their positions; • «Square» -these are enterprises with an effective information security system, but economic security has a negative assessment.
Here it is important to pay special attention to the economic indicators; • «Triangle» -these are enterprises with good economic indicators, but information security is assessed critically, therefore, it is necessary to increase its level first; • «Circle» -these are enterprises with a low level of economic and information security, thus it is necessary to completely reconsider their functioning 2 Indicators for the assessment of economic and information security of an industrial enterprise Tables 1 -4 present indicators, after the calculation of which, it is possible not only to determine the location of an industrial enterprise in the matrix, but also to draw a conclusion about the level of economic and information security at an enterprise, respectively.
Thus, if the ratio of economic security corresponds to an indicator equal to one (1) score, it means that the economic security of the enterprise is evaluated with high points.
If the economic security coefficient has a value in the range from 0.71 to 1.0 points, it means that the economic security of the enterprise is evaluated positively.
If the coefficient of economic security is in the range from 0.37 to 0.71 points or has a value equal to 0.5 points, it means that the assessment of the economic security of the enterprise is neutral.   In the case when the ratio of economic security is less than 0.37 scores or is generally equal to 0, this indicates that a company has a critical assessment of economic security.
Next, it is necessary to analyze the information security of an enterprise, evaluate each indicator, calculate the average value and compare with the normative value, and then assign the following scores to information security: 1.0 (positive); 0.5 (neutral) or 0 (critical).

Table 5. Assesment indicators of information security. Environment and infrastructure
Thus, with the average values of the information security coefficient from 8 to 10, a positive assessment of the level of information security of the enterprise is achieved.
If the average value of the information security coefficient from 5 to 8 points, then a neutral assessment of the level of information security of the enterprise can be obtained last.
However, if the average value of the information security ration is less than 5 scores, then this indicates that an enterprise has a critical assessment of information security.

Algorithm of operation with a matrix of information and economic security of an industrial enterprise
The authors of this work proposed the following algorithm to work with a matrix of information and economic security of an industrial enterprise: 1.
To make calculations of economic safety indicators presented in Table 1.

2.
To determine the average value of all ratios of economic safety and compare with the standard values.

3.
Tɨ assign the resulting result the appropriate points (1.0, 0.5, or 0), which will depend on the degree of compliance with the regulatory values of the economic security coefficient.

4.
To carry out the calculations of information security indicators, which are presented in Table  2.

5.
To determine the average value of all information security coefficients and compare the result with the standard values.

6.
To assign the obtained result the appropriate scores (1.0, 0.5 or 0) depending on the degree of compliance with the normative values of the information security coefficient.

7.
To mark the established coefficients of economic and information security on the corresponding axes of the matrix of information and economic security of an industrial enterprise.

8.
To determine the location of an industrial enterprise in one of the matrix elements (star, square, circle or triangle).

9.
To make a conclusion about what may be the priority direction of further development of an enterprise.

Conclusion
In modern market conditions, it is extremely important to analyze the economic component of the activities of an enterprise. Moreover, every enterprise needs to modernize its information security system in connection with the rapidly developing digital technologies [15]. The matrix proposed by the authors will be useful for industrial enterprises that want to analyze their activities and assess not only the economic state, but also the quality of information security and determine the development direction in accordance with the analysis.
The article consolidates all significant economic coefficients and regulatory and diagnostic indicators of the information and communication environment of economic entities of industry [16] what can be useful for the appropriate management and effective control of the level of risk and security of the entire information and economic infrastructure of the enterprise.
If top managers fix an imbalance in the information cycle or the financial and economic cycle of the company, then managers can turn to the proposed matrix model and identify the state of their management object by applying one of the author's strategies to eliminate negative trends in the security of the enterprise.
This research reveals four strategies for further adaptation of the enterprise, taking into account the identified negative determinants that have a destructive impact not only on the information security of the enterprise as a whole, but also on the entire socioeconomic policy of the entire economic entity.
Working in matrix modeling, managers, performing the entire embedded algorithm, fall into one of the zones: a star, a square, a circle or a triangle. Each zone corresponds to a further way to solve the problems identified during the implementation of the entire sequence of actions developed by the authors of this article.
Taking into account the entire concept of work, the customers of the proposed matrix modeling can be both enterprises and public services, information and communication corporations, firms that work on outsourcing, but are engaged in auditing or ensuring the financial and economic security of enterprises, regulatory authorities, internal affairs bodies and the Prosecutor's office.
In future, it is planned to introduce this matrix and consider information and economic security through the example of high-tech industrial enterprises, taking into account the calculation of all the proposed coefficients and the entry of the obtained indicators of information and economic security in a single register, with the further development of an interactive map on the level of security of economic entities of the Perm Territory and other regions of the Russian Federation.