|
|
The Implementation of ISMS in Small Company
Palarczyk, Vít ; Sedlák, Petr (referee) ; Ondrák, Viktor (advisor)
This master's thesis is focused on the design of the implementation of information security management system (ISMS) into a specific business. In the theoretical part, it provides basic concepts and detailed description of ISMS. There is also described the analysis of a current information security state of the company. In the practical part, it provides a risk analysis and selection of measures to minimize found risks. In the final part is designed a process and a schedule of an implementation of the selected measures.
|
|
|
ISMS Implementation in the Enterprise
Pawlik, Jan ; Sedlák, Petr (referee) ; Ondrák, Viktor (advisor)
This master thesis deals with the implementation of the information security management system according to the standard ISO/IEC 27 001 in the environment of a small company. In the first part, it focuses on the theoretical background of the information security. The second part deals with the analysis of the company and concept of a company's measures to increase the security of information within the selected company.
|
|
|
Information Security Management in Healthcare Organization
Hajný, Jiří ; Sedlák, Petr (referee) ; Ondrák, Viktor (advisor)
The diploma thesis focuses on implementation and deployment of information security management system (ISMS) into healthcare organizations. Specifies what is required to include in this process and what not to forget. It includes a risk analysis of a branch of the selected company, and for it is written a safety guide. Safety guide provides advice and recommendations regarding security in terms of human resources, physical security, ICT security and other aspects that should be included in the ISMS deployment in healthcare organizations. The work also reflects the newly emerging law on cyber security. It is expected that the law will also address cyber security in healthcare.
|
|
|
The Implementation of ISMS in Small Company Focused on ICT
Kosek, Jindřich ; Sedlák, Petr (referee) ; Ondrák, Viktor (advisor)
The diploma thesis is focused on the design implementation of information security management system in a small business and is applying theoretical knowledge to real-life situations in a manufacturing company. First of all is performed analysis of current status and the consequent threats which can affect the company's assets. Thereafter are proposed measures based on identified risks and requirements of the owner.
|
|
|
Implementation of ISMS in the Commercial Company
Dejmek, Martin ; Soška, Libor (referee) ; Sedlák, Petr (advisor)
This master thesis deals with the implementation of information security management system in the company. It summarizes the theoretical background in this field and uses it to analyze the current state of information security, as well as analysis and risk management and not least the actual implementation of ISMS in the particular company. This work also contains three groups of measures that reduce the impact of identified risks and which also implements an essential parts of ISMS.
|
|
|
Security Management of Information Systems for the Kaliště Municipality
Kutiš, Pavel ; Bláha, Lukáš (referee) ; Sedlák, Petr (advisor)
This Diploma Thesis is being focused on Information Security Management System implementation for a certain municipality. The work has been divided into two parts. The first part deals with theoretical basis which are based on the ISO/IEC 27000 standards. The second part contains the practical implementation following the theoretical background from the first part. The implementation itself has been divided into three stages and this thesis is mainly concentrated on the first stage.
|
|
| |
|
|
Application of the act and subsequent regulation on cyber security at state administration´s offices
Pech, Jan ; Čermák, Igor (advisor) ; Jícha, Karel (referee)
The thesis is focused on the Czech act no. 181/2014 Sb., on cyber security and subsequent regulations, introduces origin and importance of act, defines the state administration´s office which identifies important information systems according to regulations, and subsequently thesis detailed analyses act and regulation on cyber security in relation to the defined state administration´s office. Keynote of this thesis is show the real application of identified obligations of the act and regulation to the defined state administration´s office, especially a design, implementation and management of organizational and technical security measures, including the evaluation of real impact on information security. To achieve the set goals author of this thesis uses the analysis of legislation, and draws own conclusions from author´s position of a security technologist who actively participated in the design security policy, and implementation and management of security tools. The benefit of this thesis is complex overview of the security employees work at defined state administration´s office, overview of the real fulfilment obligations of the act and regulation of cybernetic security, and ultimately this thesis brings ideas for further development of technical security tools. This thesis can brings benefit to other important information systems administrators as a set of processes, proposals and recommendation for their own information security management system. This thesis is structurally divided into four main parts. The first theoretical part introduces origin, importance and impact of the act on state and private organizations. The second analytical part analyses act and subsequent regulations in relation to the defined state administration´s office. The third practical part shows the real application of organizational and technical security measures. The fourth last part evaluates the real impact of measures on information security.
|
|
|
Management informační bezpečnosti
Janíček, Kryštof ; Čermák, Igor (advisor) ; Čelikovská, Martina (referee)
Information Security Management System (ISMS) gets superior level of importance. This paper focuses on Information Security Management and International Information Security Standards ISO/IEC 27001 and ISO/IEC 27002 (IISS). First par of thesis reviews the historical context and introduces the field to gain better understanding of following elaborate analysis of the changes, benefits, threats and consequences of ISMS. This paper objective to analyse older and newer issues of IISS based on comparative approach to evaluate benefits and risks of these changes, that ultimately reflect possible future developments.
|
|
|
Information Security Risk Analysis in company operating in the distribution of healthcare and beauty products
Genský, Oliver ; Veber, Jaromír (advisor) ; Luc, Ladislav (referee)
This thesis processes the risk analysis topic, which is included in the overall information security management system. Thesis is divided into two parts; theoretical and practical. Terms and processes used in the risk analysis are included in the theoretical part. This section also describes standards that offer best practices of information security management, based on historical experience in variety of businesses. The defined terms and the chosen standards and methods are thereafter applied in the practical section, where risks of a particular business are analyzed and afterwards supported by an evaluation of risks and proposed solutions. This work is concluded by an overall information security report, which is consulted with the lead management of the business.
|
guest ::
