|
|
IT security management by the ITIL and COBIT methodologies
Štolbová, Milena ; Svatá, Vlasta (advisor) ; Pösinger, Martin (referee)
IT security management is one of the essential processes in the company. This thesis deals with aspects of managing the IT security by the methodology of ITIL and COBIT. First part is focused on covering the IT security, defining the terms and concept necessary for indicating the impact of the IT security breach, the common threads which the company needs to resist and stance of methodology ITIL, COBIT and ISO/IEC 27002:2005 for managing the IT security and its specifics. In the following chapter there is a sentencious look at the structure of methodology of COBIT and more detailed depiction of COBIT Security Baseline document. The next chapter defines the methodology of ITIL, briefly compares the ITIL v2 and ITIL v3 versions, and what is more, comes up with structured view into the document of Security management which details the concept of IT security management within the company by the ITIL standards. The main thesis objective located in the last chapter is to compare the main features of both methodologies, the range of their aplicability within the company, and which is the most important, comparing them in the field of managing the IT security.
|
|
|
Assessment of Information systems quality
Weberová, Pavla ; Svatá, Vlasta (advisor) ; Říhová, Zora (referee)
This thesis is engaged in Information Systems quality, because the accent on quality is present trend. In this thesis is defined the term of "Quality of Information System" and the most important standards are described. Further the ways of quality assessment -- certification and audit are put near. The procedure of the quality audit is proposed. Also this thesis containes patterns of the checklists for the quality audit
|
|
|
Implementation and Evaluation of IT Governance in Organizations
Tarbajovský, Maroš ; Svatá, Vlasta (advisor) ; Megela, Mario (referee)
The main objective of this thesis is to meet Governance as a new approach in company organization, especially in IT sector. The idea is about harmonization of IT and business strategy, that should ensure achieving company goals and missions, and lead company in the right direction of advancement, what is directly connected with implementation of relevant measures of IT processes. As chapter "Governance", is describing how this approach should by ensure in whole organization on a different levels. We can translate Governance as implementation of certain best practices and procedures that lead company to process standardization and formalization. The most exercising methodologies and guidelines in IT sphere as ITIL, Val IT, CobiT, ISO 27000 are reviewed in thesis. By these methodologies organizations should be able to better optimize processes and accomplish regulation frame in particular industry. Another very important contribution of process standardization is by providing better possibilities for measurement and assessment, that is reviewed in chapter "Evaluation of IT processes performance". There is also transparent guideline which provides a simple steps procedure how to implement IT Governance in organization using CobiT and Vat IT. As this branch is relatively "young", especially in Czech Republic, management is still familiarizing with it. Last chapter is dedicated to analyze approach to ITG in Czech Republic banking sector.
|
|
|
Audit of application systems
Smola, Martin ; Svatá, Vlasta (advisor) ; Telíšková, Vladana (referee)
This thesis is concerned with audit of application system in copany MCR Technology s.r.o., identification of problem areas and following suggestion of possibilities in solving problems, which were identified pursuant to realized audit. First part is focused on general definition and characteristic of audit with view to his goals, mission and effective realization. Then is thesis concerned with audit of information systems, where are defined instruments and methodics for IS audit realization. Second part is focused on audit of application system in company. Audit involves selection of relevant application control form COBIT methodics and their modification for conditions of small copany. After it follows realisation of audit base on select control, summary of audit finding in audit report and indentification of problem areas. The subject of the third part is draft of solutions of problem areas in application system which were identified pursuant to audit.
|
|
|
IT Governance
Šimková, Hana ; Svatá, Vlasta (advisor) ; Ganoczy, Eduard (referee)
IT governance (control of information technology) is a frequently discussed topic today which represents current needs to take control of IT, judge impacts of all resolutions and lead up investments running to the information technology. It is very important for both small and large organizations to have IT which encourages business strategy and helps to meet objectives of a company. The theoretical part of this paper is focused on characterization of the main areas, benefits, rules and various definitions of IT governance. Then the paper deals with legislative instruments and main frameworks of the IT governance. Reasons for the implementation and difficulties that IT governance brings are also defined there. The second part of this paper, which is practically oriented, deals with evaluation and analysis of the current situation in the organization named Unicorn. This part focuses in particular on the maturity assessment of selected IT processes according to Cobit methodology.
|
|
|
Audit informačního systému společnosti Terms a.s.
Eremiáš, Karel ; Svatá, Vlasta (advisor) ; Maule, Pavel (referee)
The work summary problems of information systems audit and use these findigs while performing information system audit in a real company. Audit is performed using COBIT methodology and it respects not only requirements set by methodology but even special requirements set by organization. The work is also checking usability of COBIT methodology while performing audit in the conditions of medium size czech company.
|
|
| |
|
| |
|
|
IT GOVERNANACE AT THE MINISTRY OF FOREIGN AFFAIRES OF THE CZECH REPUBLIC: SYSTEMIC APPROACH AND FIELD IMPLEMENTATION
Protiva, Tomáš ; Pour, Jan (advisor) ; Pilař, Luboš (referee)
The diploma thesis reacts on the interest of the Czech foreign ministry IT department to get an overview of ITIL 2 and COBIT 4.1 world-wide acknowledged IS/IT management best practice libraries. Both libraries are put in the framework of IT Governance theory and practice. COBIT is presented as world ITG standard, meaning the alignment of organization's strategic goals and IT goals. It is focused on organizations, where the shift of IT perception towards a strategic partnership with the business is driven by top-down board initiative. On the other hand, the ITIL core texts Service Support and Service Delivery are treated as a standard of IT service management, suitable as a framework to establish processes within the foreign ministry's IT department. Three alternative implementations of the two libraries are shown, in a situation of non-existent process management and information architecture. Moreover, the IT Governance initiative has a bottom-up character. The first variant connects ITIL and COBIT process models to the goals and projects outlaid in the 2008-2010 IT Strategy draft (IT BSC was used in the strategy to set up goals). The COBIT processes are aligned to the IT BSC domains and projects; further on, more detailed ITIL tools are assigned to the COBIT processes using the toolbox [IT GOVERNANCE INSTITUTE; OFFICE OF GOVERNMENT COMMERCE. Aligning COBIT, ITIL and ISO 17799 for Business Benefit]. As the projects formulated in the IT Strategy don't focus on the fundaments of process management, a stepwise approach to document the current processes using the ITIL: Service Support and Service Delivery framework is suggested. The second variant came into reality in mid 2008: COBIT has been used without success to estimate users' preferences. The reasons of the failure are discussed. Czech translation of COBIT 4.1 maturity models by the author intended to use as one of the tools in the opinion poll is attached as Annex 2. The last variant is not directly aligned to the problems of foreign ministry's IT/IS, but it is the most pragmatic guide to the implementation of the libraries. As an external help desk has been already launched, I suggest the establishment of ITIL Incident Management and Problem Management processes, supported with a CMDB configuration database.
|
|
|
Measuring of relationship between IS/ICT's effectiveness and company?s effectiveness
Trávníček, Tomáš ; Novotný, Ota (advisor) ; Pour, Jan (referee)
V první části práce jsou analyzány nástroje pro měření efektivnosti firmy a nástroje pro měření efektivnosti firemního IS/ICT. U obou skupin je hodnocena jejich vhodnost pro měření efektivnosti. Dále jsou analyzovány faktory podmiňující efektivnost IS/ICT ? tj. řízení firemního IS/ICT a řízení a hodnocení IS/ICT investic. V další části jsou popsána specifika bankovního odvětví a současné trendy ovlivňující efektivnost bankovních procesů. V závěru práce jsou navrženy dvě metody měření vazby mezi efektivností IS/ICT a efektivností firmy jako celku. První z nich se opírá o statické hodnocení zralosti IT procesů a plnění firemních cílů. Druhá metoda vychází ze systémové dynamiky a dynamických modelů.
|
guest ::
