A systematic approach to the automation of the processes of ensuring personnel competence at critical infrastructure facilities of the defense forces of Ukraine
Abstract
The publication is devoted to the problems of automation of the system of selection and assessment of personnel compliance, which should ensure the safety of critical infrastructure facilities of the Defense Forces of Ukraine. The article examines the main regulatory documents, requirements for personnel, and ways of assessing the appropriateness of their knowledge, skills, and competencies. The requirements of professional standards developed for the sphere of critical infrastructure of the Defense Forces of Ukraine and information protection are taken into account. This work aims to identify the basic problems associated with the selection of qualified personnel, assessment of their compliance and determination of the quality of work in activity processes. The materials of the article refer specifically to the objects of the critical infrastructure of the Defense Forces of Ukraine and consider the features related to the processes of ensuring the security of the critical infrastructure. The results obtained as a result of the analysis of personnel problems in the field of ensuring the security of critical infrastructure facilities should help the heads of institutions, organizations, enterprises, as well as HR units in the formation and staffing of units, training and placement of personnel. When preparing the publication, the main normative acts regulating the processes of critical infrastructure protection, the experience of developed countries, primarily the USA and the European Union, security standards (DSTU ISO/EN 27001, NIST Special Publication 800-181) and recommended practices were considered. The conclusions contain recommendations regarding the automation of the system of selection, training and advanced training of personnel in the field of protection of critical infrastructure objects, as well as its information and cybersecurity. Recommendations are given for improving the automation of personnel selection and placement procedures, planning professional development, and creating a professional training system based on the knowledge management system
Keywords
automation; management systems; critical infrastructure protection; personnel competence; information security standards; knowledge; skills; competencies; knowledge management
References
[1] Andreeva, T. (2005). Motivation of people at work. Personnel management, 4.12.
[2] Information Security, Cyber Security and Privacy Protection – Information Security Management Systems – Requirements: State Standard of Ukraine DSTU ISO/EN 27001:2022.
[3] Kremen, V.H., & Ilin, V.V. (2022). Philosophy of human-centrism in the system of anthropological studies. Anthropological Measurements of Philosophical Research, (21), 5-14. Retrieved from https://doi.org/10.15802/ampr.v0i21.260429.
[4] Krill, M. (2018). Meritocracy as the kingdom of reason. Retrieved from http://cloudwatcher.ru/analytics/3/view/35/.
[5] Malikhin, O.V., & Yarmolchuk, T.M. (2020). Current learning strategies in the professional training of information technology specialists. Information technologies and teaching aids, 76(2).
[6] NIPP 2013 Partnering for Critical Infrastructure Security and Resilience (n.d.). Retrieved from https://www.cisa.gov/resources-tools/resources/2013-national-infrastructure-protectionplan.
[7] Obolonsky, A.V. (2001). Personnel policy in the federal civil service of the USA: History and modernity. Social sciences and modernity, 3. 41-61.
[8] Official bulletin of the French Armed Forces (2009). Nov. 13, No. 44, permanent part of the General Staff.
[9] On Adopting the Regulations for the Evaluation and Promotion Process: Royal Decree (document No. 2). (2001). Sept. 28, No. 1064.
[10] On Approval of General Requirements for Cyber Protection of Critical Infrastructure Objects: the Resolution of the Cabinet of Ministers of Ukraine. (2019). June 19 No. 518. Retrieved from https://zakon.rada.gov.ua/laws/show/518-2019-%D0%BF#Text.
[11] On Approval of the List of Works Where There Is a Need for Professional Selection: the Order of the Ministry of Health (1994). Sept. 23, No. 263/121.
[12] On Critical Infrastructure: the Law of Ukraine (2021). Document 1882-IX. Editorial from 05.12.2022. Retrieved from https://zakon.rada.gov.ua/laws/show/1882-20#Text.
[13] On the Basic Principles of Ensuring Cyber Security of Ukraine: the Law of Ukraine. (2019).
[15] Document 2163-VIII. Editorial from 08/17/2022. Retrieved from https://zakon.rada.gov.ua/laws/show/2163-19#Text.
[16] On the Organization of Personnel in the Armed Forces of Spain: the Law (document No. 1) (1999). Chapter II of Chapter VII "Evaluation Process" and Chapter I of Chapter VIII "Procedure for Promotion". May 18, No. 17.
[17] Pan, L.V., Sysenko, N.V., & Abramovych, O.K. (2004). The concept of knowledge management as a new direction of organization management. Proceedings, Economic Sciences, 30.
[18] Prokopenko, O.S., Rybydaylo, A.A., & Vasyukhno, S.I. (2020). Application of controlling technology for career management of military personnel. Collection of scientific works of the Center for Military and Strategic Studies of the National Defense University of Ukraine named after Ivan Chernyakhovsky, 1(68). 66-73.
[19] Study of the Problems of Managing the Career of Military Personnel, Taking into Account the Requirements for Candidates for Positions in the Armed Forces of Ukraine: Report on the GDR (code "Passport"). (2018). Kyiv: NMC KP MOU.
[20] The Army Strategic Planning Guidance 2006-2023 (2023). Retrieved from https://www.hsdl.org/%3Fabstract%26did%3D443218+&cd=2&hl=ru&ct=clnk&gl=u.
[21] Vetrov, V.I., & Vraneshych, O.V. (2020). Model of personnel management. Defense Bulletin, 3, 16-21.
[22] Workforce Framework for Cybersecurity (NICE Framework): NIST Special Publication 800181. (n.d.) National Institute of Standards and Technology.