| |
|
Methodology of a security audit
Kroupová, Hana ; Hana,, Sobotková (referee) ; Sedlák, Petr (advisor)
The master‘s thesis is focused on security audit. The aim of this thesis is to create methodology, which might help with creating security audits and research current condition of cybernetic and information security in a business establishment. Theoretical part explains basic terms and concepts about cyber and information security. Own interpretation consist description of methodological areas of security audit.
|
|
The proposal of ISMS implementation in the public administration
Štukhejl, Kamil ; Tomáš,, Krejčí (referee) ; Sedlák, Petr (advisor)
This diploma thesis focuses on the implementation of information security management system in the public administration based on ISO/IEC 27000 series of standards. The thesis contains theoretical background, introduction of the organization, risk analysis and a proposal of appropriate measures for minimization of these identified risks. In the end, an implementation plan is proposed including an economic evaluation.
|
|
GAP analysis of information security management system
Konečný, Martin ; Tomáš,, Krejčí (referee) ; Sedlák, Petr (advisor)
The master’s thesis focuses on GAP analysis of information security management system. The thesis consists of theoretical, analytical and practical part. The first part discusses the theoretical background of the issue of information and cyber security. The analytical part describes the current condition of the researched company. The thesis’s output is the draft of risk register and draft of security countermeasures implementation. The draft targets on countermeasures leading to increase information security in company.
|
| |
| |
| |
| |
|
Implementing security policy in the company
Techlovský, Stanislav ; Čermák, Igor (advisor) ; Čelikovská, Martina (referee)
The aim of this diploma is description of the design of information security management system for the company implementing the international standards ISO/IEC 27000. The theoretical part deals with standards of ISO/IEC 27000 as well as practical guide for im-plementation into the information security management system in the company. Following part describes the current status of the security status of the company. The practical part analyzes the data collected from previous part on the basis of which is a copy of the draft introduction of information security management system in the company.
|
|
Proposal for the ISMS Implementation in Company with CI Support
Šebrle, Petr ; Ondrák, Viktor (referee) ; Sedlák, Petr (advisor)
This diploma thesis deals with the methodology of Management of Information Security in a medium size company supporting critical infrastructure. The first part is focused on the theoretical aspects of the topic. Practical part consists of analysis of the current state, risk analysis and correction arrangements according to the attachment A of standard ČSN ISO/IEC 27001:2014. Implementation of ISMS is divided into four phases. This thesis however covers the first two phases only
|