|
|
Adequate information security
Drtil, Jan ; Molnár, Zdeněk (advisor) ; Čapek, Jan (referee) ; Lukáš, Luděk (referee)
Abstract 1) Goal of the thesis There is an assumption that companies are nowadays spending money on IT Security not according to the importance of the information for the company. In order to prove it or not, this thesis is about to check it. In case that this is true, the aim of this thesis will be to find out the methodology that can be used to verify, whether money are spent effective and efficiently or not. 2) Aiming of the thesis From the content point of view the focus of this work is information security methodics. From the research point of view the research was conducted on medium and small organisations in automotive, mainly due to the fact that automotive industry is an important part of our national economy (approx. 8% of GDP). 3) Outcomes of the thesis From the theory point of view the definition of "adequacy" of the information security was set. Adequacy consists of two parts -- the value of information, and the importance of information. The way how to determine both value and importance was found as well. From the reality point of view there was a finding that researched organisations do not undergo any systematic approach in the information security, what can negatively impact the frequency and importance of security incidents in the organisations. One of the main results of the research is the fact that in case there is a need to make effective and efficient information security based on the support of the management of the company. Finally, the next result is creating and verification of the "Adequate information security methodology", which can be used by managers in order to increase effectiveness and efficiency of the sources spent on information security. There is an extension of this Methodology covering the individuality of the decision maker and circumstances that influence him.
|
|
|
IT risk management in civil service
Ambrož, Ondřej ; Veber, Jaromír (advisor) ; Drtil, Jan (referee)
This bachelor thesis focus on issues of security risk management of information technology. Risk management is a comprehensive proces of which main part is a risk analysis. In this thesis is put the great emphasis on the risk analysis. Firstly, there is briefly introduced the history of risk management and the history of information security. Subsequently, there are fundamental terms defined. Important part of this thesis is definition of the civil service and some of its specifics. In the scope of practical part, there is described current situation of IT in the organization of the civil service and subsequently, there is executed the risk analysis of information security and countermeasures to reduce identified risks are suggested.
|
|
|
Protection of The Information in The Organization
Hlaváček, Jan ; Molnár, Zdeněk (advisor) ; Drtil, Jan (referee)
Protection of information and knowledge in organization in the context of the tumultuous development of information technology has become one of the most important areas where attention is directed by experts and the general public. It is a very large problem, affecting virtually all areas of the economy, with forays into the private lives of owners, members and employees of the organization. The protection of information and knowledge can be only regarded as data protection, as is generally perceived, but also to protect other assets of the organization, especially intangible assets. For this reason, the theoretical part deals with the legal aspects of privacy issues in the field of labor relations and on issues of definition and protection of intangible assets and intellectual property. The practical part of the survey focused on information security in the Czech Republic. The first part compares the state of the most common security incidents and threats in the Slovak Republic in 2008 and in the Czech Repubic in 2009, formulates recommendations and ways to prevent against the occurrence of security incidents. The second part compares the practical part of the state of information security in the CR between 2007 and 2009 under the headings of the respondents carried out the survey. The conclusion of this section summarizes the status of the security situation in those years and points to new aspects. The third part of the practical part is based on direct involvement in the preparation and implementation of the project PSIB for the period 2010 and 2011. It describes the status, methods of procedure and method of implementation in concrete terms PSIB by DSM. It points to some problems in the practical implementation of research and suggests possible approaches to their solution. The conclusion includes suggestions and recommendations for the realization of the information in the surveyed areas, as well as changes and measures aimed at effective implementation of that survey.
|
|
|
The protection of information in an organization
Hodulák, Petr ; Molnár, Zdeněk (advisor) ; Drtil, Jan (referee)
The protection of information in an organization is an often debated issue today. This Bachelor Thesis outlines the issue of the protection of information in an organization specifically in the economic sector of insurance. To be clearly organized the Thesis is divided into the theoretical and practical part. At first the theoretical part deals with the individual steps for creation of the security policy and the content of the most important elements ensuring the information security in general. Afterwards, the Thesis already focuses on the area of insurance directly and analyzes in detail the solution of privacy policy in this area, what data about the client are collected by insurance companies and how the data are treated. The review about the current state of the information security in the Czech Republic is also stated here to get a better idea. The practical part is occupied with the comparison of the products and services, which are offered by the selected companies specializing in the information security in the area of insurance. Then the result of the executed study is presented through the graphical summary, which is listed in the conclusion of this Thesis.
|
guest ::
RSS feed.