|
|
Organizational measures to ensure information security at Faculty of business and management
Mráz, Tomáš ; Petr,, Barták (referee) ; Sedlák, Petr (advisor)
This diploma thesis deals with the analysis of the current state and the design of security measures within the information security management system at the Faculty of Business, Brno University of Technology. The proposed security measures take into account in particular the requirements set by Act No. 181/2014 Coll. on Cyber Security and on Amendments to Related Acts and Decree No. 82/2018 Coll. on security measures, cyber security incidents, reactive measures, filing requirements in the field of cyber security and data disposal.
|
|
|
Organizational measures to ensure information security at Faculty of business and management
Mráz, Tomáš ; Petr,, Barták (referee) ; Sedlák, Petr (advisor)
This diploma thesis deals with the analysis of the current state and the design of security measures within the information security management system at the Faculty of Business, Brno University of Technology. The proposed security measures take into account in particular the requirements set by Act No. 181/2014 Coll. on Cyber Security and on Amendments to Related Acts and Decree No. 82/2018 Coll. on security measures, cyber security incidents, reactive measures, filing requirements in the field of cyber security and data disposal.
|
|
|
Analysis of the state of Disaster Recovery Management in a particular company, analysis of incidents and suggestion of measures
Novák, Martin ; Bruckner, Tomáš (advisor) ; Žalčík, Hynek (referee)
This thesis focuses on the topics of Business Continuity Management and Disaster Recov-ery Management in the context of small and medium sized businesses which offer or use IT services in the cloud. The aim of this thesis is to carry out a theoretical research of BCM and DRM in the aforementioned context and to analyze situation in a specific company based on the results of the research. This includes analysis of specific incidents that hap-pened in the company, analysis of how the company reacts to the incidents and how are the incidents logged and reported. The analysis identifies weak spots in the company and their potentials of improvement. The most serious weak spot discovered is that BCM and DRM are not implemented in the company. In the last part this thesis suggests measures to im-prove the situation in the specific company. That includes both specifying general goals and procedures and also defining specific policies, plans and reaction schemes. Specifically those are politics handling the incidents categorization, warning and communication, inci-dent reporting and performing maintenance.
|
|
|
Disaster Recovery plan for healthcare organisation
Prokeš, David ; Potančok, Martin (advisor) ; Bruckner, Tomáš (referee)
Theme of this thesis is Disaster Recovery and Business Continuity Planning. Main goal is design of Disaster Recovery plan for specific healthcare organization. One part of the design is analysis of analyzed hospital and identification of core applications and weak spots of the system. Within the analysis is risk assessment and assessment of its impact on the main applications. Based on this research the Disaster Recovery Plan is proposed. First part defines basic parts of Business Continuity Management and process of creating plans of recovery, including theoretical description of all steps necessary to implement these plans. Second part contains analysis of examined hospital with all the steps defined in previous chapters and definition of Disaster Recovery plan, which is main output of this work. Partial goal of this thesis includes proposal of implementation of Disaster Recovery plan and final assessment of analysis and its outputs
|
|
|
Business Continuity Management in ITIL and CobiT methodologies
Holub, Jan ; Svatá, Vlasta (advisor) ; Toman, Prokop (referee)
This work deals with the importance of information for organizations and threats to the safety of IS / ICT, which the organization faces. Further about the information safety management according to ISO 27001 and 27002. The main goal of this work is to describe approaches to business continuity management using the BS 25999-1 and BS 25999-2 and specifics for the IT service continuity management according to ITIL and CobiT methodologies. This work searches for interactions and differences between the procedures for continuity management. In the final part the procedure is shown for the introduction of BCM in a telecommunications company on the sample process.
|
|
|
Optimalization of BCP in accordance with a system of crisis management in CR
Peštová, Aneta ; Kopecký, Zdeněk (advisor) ; Kohout, Petr (referee)
Companies are during their operation impacted many risks from inside or outside. Business Continuity Management is a managerial discipline that deals with providing resistance against operation company risks and was developed due to the increasing requirement to save against unforseen incidents. The goal of this thesis is to optimize the Business Continuity Plan of particular company in accordance with a system of crisis management in Czech Republic.
|
|
|
Cloud Computing as a BCM tool
Lukášová, Pavlína ; Chlapek, Dušan (advisor) ; Dotlačil, Jaroslav (referee)
This thesis deals with possible interconnections between two concepts playing a big role in contemporary business and IT world. These concepts are Business Continuity Management and Cloud Computing. In the scope of this thesis there are certain areas identified where both concepts are complement, where Cloud Computing brings new opportunities for Business Continuity Management and where could possible problems arise during particular implementation. From the BCM perspective the impact lies on IT services, from the Cloud Computing perspective the thesis deals especially with security aspects. The thesis is also aimed at the characteristics of higher education and basic differences from commercial sphere. Based on defined differences and identified interconnections between BCM and Cloud Computing, the thesis argues for usage of suitable Cloud Computing solution for higher education regarding Business Continuity improvement. The multi-criterion comparison of several Infrastructure-as-a-Service solutions stems from this analysis focusing on technical, financial, and Business Continuity aspects. The result from this comparison together with conclusions from previous chapters serve as an input for subsequent practical proposal of Cloud Computing solution and its verification against Business Continuity improvement in specific conditions on University of Economics in Prague. The proposal is also represented by strategic map.
|
|
|
Using process analysis for delivering process continuity in utilities sector
Musil, Petr ; Svatá, Vlasta (advisor) ; Ludvík, Jakub (referee)
This work covers process continuity as the source of a business continuity management. In first theoretic part this work connects continuous behavior of systems with the business continuity and the process continuity. Then in second part of the work we look into present knowledge in business continuity management systems and we cover key standards for business continuity management. We also look into connections among those standards for business continuity and we pinpoint chapters of British standard BS 25999-1 with its counterparts in IT service frameworks such as ITIL v3 and COBIT 4.1. In the final part, this work covers use of process analysis and process models as tools for delivering business continuity through process continuity and preparing business continuity plans in utilities.
|
|
|
The issue of RTO and RPO in business continuity management
Salai, Viktor ; Bruckner, Tomáš (advisor) ; Martanová, Kateřina (referee)
This thesis is concerned about Business Continuity Management with the focus on determination of the RTO and RPO parameters. The work is divided into two main parts. The first section briefly describes theoretical issues of Business Continuity Management in conjunction with IT Service Continuity Management. Then there are described various technologies that are currently used to ensure continuity and recovery of IT systems. In conclusion of the theoretical part, the work focuses on the process of Business Impact Analysis. This thesis thus offers a comprehensive view of main principles and benefits that these concepts have for company and how they should be integrated with each other. It provides an overview of various technologies, their link to RTO and RPO parameters and also the definition of steps of disaster recovery procedure. The work also briefly defines the basic procedure for determination of the RTO and RPO parameters, subsequent steps needed to design recovery solutions and analyzes various aspects which need to be considered when defining the parameters of continuity. The second practical part is based on the previous theoretically defined procedure and its aim is to analyze the data acquired during the questionnaire investigation in chosen company to determine the parameters of continuity for the applications in use and then suggest appropriate ways of addressing their backup and recovery. The result of this thesis is therefore a description of the analysis and practical application of methods for setting the parameters for continuity of information systems and the subsequent establishment of necessary measures.
|
|
|
Business Continuity Management and IT
Zdvořáček, Jan ; Bruckner, Tomáš (advisor) ; Martanová, Kateřina (referee)
The aim of this thesis executes a service continuity analysis in a real company. To achieve this we must lay certain theoretical bases, first of all in Business Continuity Management area and that in comprehending its significance for the organisation, understanding its implementing and its consequent operative management. The following part sums up theoretical knowledge in Business Continuity Management branch called IT Service Continuity Management. IT Service Continuity Management is specifically focused on continuity in providing IT services, which play a key role in continuity preserving nowadays. It is even more so as the majority of business processes are supported by information and communication technologies today. Understanding the basic terms creates only a theoretical basis for the next part, which focuses on strategy analysis of preserving service continuity in a specific company. The greatest benefit of this thesis will be, based on the knowledge achievement, executing a practical IT Service Continuity Plan analysis in a real company located on the Czech market. The whole plan will be analysed and evaluated and recommendations for potential improvement in the plan's efficiency increase will be suggested where applicable. General conclusion shall be drawn based on this analysis.
|
guest ::
