|
|
Implementation Methodology of Network Security in the Software Company
Tomaga, Jakub ; Sopuch, Zbyněk (referee) ; Sedlák, Petr (advisor)
This thesis deals with network security and its deployment in the real environment of the software company. The thesis describes information management framework with a specific concentration on computer networks. Network security policy is designed as well as network infrastructure modifications in order to increase the level of security. All parts of the solution are also analyzed from financial point of view.
|
|
|
ITSM in Small and Medium-Sized Enterprises
Olej, Vojtěch ; Holop, Patrik (referee) ; Malinka, Kamil (advisor)
This bachelor thesis deals with the compilation of own methodology for risk management, which is based on existing standards, applicable in small and medium-sized enterprises in the Czech Republic. The theoretical part analyzes the legal obligations, existing standards and the current situation. The practical part includes the design of the methodology, deployment in the selected company and usability evaluation.
|
|
|
Implementation of standard ISO 27701 in the company using Gap analysis
Vicen, Šimon ; Konečný, Martin (referee) ; Sedlák, Petr (advisor)
This thesis analyses current state of the system for implementation of standard ISO 27701: 2019 extention. This standard extends already established standard ISO 27001. The thesis evaluates set of controls to the requirements of standard ISO 27701: 2019. Theoretical part contains information regarding the information security, describes a set of ISO 27000 standards as well as European and Czech legal acts related to information security. Following analysis of the company is performed with the application of security measures while implementing the extension standard ISO 27701. Contribution of this thesis is evaluation of the analysis which results from implementation of recommended standard to address the increased number of security threats and the protection of security information.
|
|
|
Analysis of information security in selected municipalities
KUBALA, Lukáš
The aim of this work is to analyze information and communication technologies in selected municipalities using security standards, especially ISO / IEC 27000. The work focuses mainly on the state of cyber security and the impact of GDPR regulation on systems in municipalities and relevant processes. A questionnaire survey of these impacts was carried out and possible measures were proposed on the basis of the analysis of the questionnaires and the carried-out risk analysis. It was found that there is no dependence between the financial demands of GDPR implementation and the type of municipality. There is also no dependence between the time required to implement GDPR and the type of municipality. There is no dependence between whether the municipality has a security policy document and whether it carries out a risk analysis. Furthermore, there is a dependence between whether the municipality has an information system and how time-consuming was the implementation of GDPR into the municipality's processes. The level of cyber security varies significantly from municipality to municipality. The GDPR General Regulation has had some impact on cyber security and processes in individual municipalities, but in many cases on a theoretical rather than a practical level. In addition, the complexity of laws and standards does not help to improve the state of cyber security.
|
|
|
ITSM in Small and Medium-Sized Enterprises
Olej, Vojtěch ; Holop, Patrik (referee) ; Malinka, Kamil (advisor)
This bachelor thesis deals with the compilation of own methodology for risk management, which is based on existing standards, applicable in small and medium-sized enterprises in the Czech Republic. The theoretical part analyzes the legal obligations, existing standards and the current situation. The practical part includes the design of the methodology, deployment in the selected company and usability evaluation.
|
|
|
The Importance and the design of evaluation research on information management
Šidlichovská, Zuzana ; Basl, Josef (advisor) ; Sklenák, Vilém (referee) ; Škyřík, Petr (referee)
Univerzita Karlova v Praze Filozofická fakulta Ústav informačních studií a knihovnictví Informační věda PhDr. Zuzana Šidlichovská Význam a design evaluačního výzkumu v oblasti managementu informačních služeb řízení informačních aktivit a toků v organizacích ze sektoru soukromých bezpečnostních služeb The importance and the design of evaluation research on information management management of information activities and flows in private security service organization Abstrakt dizertační práce v angličtině Vedoucí práce: Prof. Ing. Josef Basl, CSc. Praha 2015 3 Abstrakt dizertační práce v angličtině In the first part, the dissertation describes the importance and the design of evaluation research on information management at small and medium-sized enterprises in the area of private security services. Secondly, it provides a general mapping of current evaluation practices trends from all over the world as well as from the Czech Republic. Thirdly, the dissertation depicts the main characteristics of evaluation and evaluation research methodology focused on the target group of small and medium-sized enterprises in private security service sector. The main goal of the dissertation project is to map and discuss the current importance of evaluation research on information management. Its main output is to explore an...
|
|
|
Implementation of standard ISO 27701 in the company using Gap analysis
Vicen, Šimon ; Konečný, Martin (referee) ; Sedlák, Petr (advisor)
This thesis analyses current state of the system for implementation of standard ISO 27701: 2019 extention. This standard extends already established standard ISO 27001. The thesis evaluates set of controls to the requirements of standard ISO 27701: 2019. Theoretical part contains information regarding the information security, describes a set of ISO 27000 standards as well as European and Czech legal acts related to information security. Following analysis of the company is performed with the application of security measures while implementing the extension standard ISO 27701. Contribution of this thesis is evaluation of the analysis which results from implementation of recommended standard to address the increased number of security threats and the protection of security information.
|
|
|
The Importance and the design of evaluation research on information management
Šidlichovská, Zuzana ; Basl, Josef (advisor) ; Sklenák, Vilém (referee) ; Škyřík, Petr (referee)
Univerzita Karlova v Praze Filozofická fakulta Ústav informačních studií a knihovnictví Informační věda PhDr. Zuzana Šidlichovská Význam a design evaluačního výzkumu v oblasti managementu informačních služeb řízení informačních aktivit a toků v organizacích ze sektoru soukromých bezpečnostních služeb The importance and the design of evaluation research on information management management of information activities and flows in private security service organization Abstrakt dizertační práce v angličtině Vedoucí práce: Prof. Ing. Josef Basl, CSc. Praha 2015 3 Abstrakt dizertační práce v angličtině In the first part, the dissertation describes the importance and the design of evaluation research on information management at small and medium-sized enterprises in the area of private security services. Secondly, it provides a general mapping of current evaluation practices trends from all over the world as well as from the Czech Republic. Thirdly, the dissertation depicts the main characteristics of evaluation and evaluation research methodology focused on the target group of small and medium-sized enterprises in private security service sector. The main goal of the dissertation project is to map and discuss the current importance of evaluation research on information management. Its main output is to explore an...
|
|
|
Implementation Methodology of Network Security in the Software Company
Tomaga, Jakub ; Sopuch, Zbyněk (referee) ; Sedlák, Petr (advisor)
This thesis deals with network security and its deployment in the real environment of the software company. The thesis describes information management framework with a specific concentration on computer networks. Network security policy is designed as well as network infrastructure modifications in order to increase the level of security. All parts of the solution are also analyzed from financial point of view.
|
|
|
Evaluation of preparedness of a business for an implementation of ISO 27001 using Gap analysis
Zrcek, Tomáš ; Čermák, Igor (advisor) ; Šašek, Jaroslav (referee)
The aim of the thesis is to evaluate the preparedness of an information security management system (ISMS) in a logistic company JASA s.r.o. for a certification by standard ISO/IEC 27001:2013. This enterprise oscillates between small and medium enterprise. It has already implemented the certificate on quality management ISO 9001:2008. For this reason, in the thesis there are presented advantages for a company that already has implemented one of ISO standards and decides to implement another. First of all, the present state of information security management system in Jasa s.r.o was compared to other businesses functioning in the Czech and European market. Then the company control environment was evaluated accordingly to the requirements of standard ISO/IEC 27001:2013. Furthermore, a scheme was created in order to evaluate specific controls based on the impact risk that could arise in case of ignoring the suggested recommendations. In the last part, the controls were evaluated accordingly to difficulty, so that the company can find cheap and fast solutions with adequate impact. The main contribution of the thesis is the evaluation of the approach to solve information security in one of many enterprises that are afraid or are starting to notice the increasing amount of security threats. This approach may be chosen by other companies that decide to go the similar way.
|
guest ::
