050-0035/01 – Security of information systems (BIS)

Gurantor departmentDepartment of Civil ProtectionCredits5
Subject guarantordoc. Ing. Pavel Šenovský, Ph.D.Subject version guarantordoc. Ing. Pavel Šenovský, Ph.D.
Study levelundergraduate or graduateRequirementCompulsory
Year2Semesterwinter
Study languageCzech
Year of introduction2019/2020Year of cancellation
Intended for the facultiesFBIIntended for study typesFollow-up Master
Instruction secured by
LoginNameTuitorTeacher giving lectures
SEN76 doc. Ing. Pavel Šenovský, Ph.D.
Extent of instruction for forms of study
Form of studyWay of compl.Extent
Full-time Credit and Examination 28+28
Part-time Credit and Examination 14+0

Subject aims expressed by acquired skills and competences

Information systems security assessment on the basis of risk analysis. The synthesis of knowledge into the area of security policy.

Teaching methods

Lectures
Tutorials
Project work

Summary

Information systems collect increasing amount of information. Students will familiarize with some proved procedures and standards for the security check of the systems as well as with basic methods of forensic analysis of computers as one of the basic tools of searching the reasons of failure.

Compulsory literature:

TAYLOR, Sharon a Ivor MACFARLANE. ITIL small-scale implementation. London: TSO, 2005. ISBN 0-11-330980-5.

Recommended literature:

BUCKSTEEG, Martin. ITIL 2011. Brno: Computer Press, 2012. ISBN 978-80-251-3732-1 ISO/IEC 27001:2013 Information technology – Security techniques – Information security management systems – Requirements ISO/IEC 27002:2013 (dříve ISO/IEC 17799:2005) Information technology - Security techniques - Code of practice for information security management ISO/IEC 27005:2011 Information technology - Security techniques - Information security risk management

Way of continuous check of knowledge in the course of semester

Students will develop, as part of team work, safety politics of IT, document for management of the configurations and risk analysis of chosen IT asset. Written exam.

E-learning

Other requirements

There are not defined next requirements to student.

Prerequisities

Subject has no prerequisities.

Co-requisities

Subject has no co-requisities.

Subject syllabus:

1. Introduction to security of the information systems 2. ISO 27 000 - ISMS 3. IT Security politics of the organization 4. Risk management for IT systems 5. Configuration management 6. Case studies of the ISO 27 000 documentation 7. COBIT standard 8. ITIL standard 9. Software support for IT security management 10. Anatomy of security incident 11. Forensic analysis of the PC 12. Forensic analysis of mobile devices 13. Current security threats in IT and their connection IT security management

Conditions for subject completion

Full-time form (validity from: 2019/2020 Winter semester)
Task nameType of taskMax. number of points
(act. for subtasks)
Min. number of points
Credit and Examination Credit and Examination 100 (100) 51
        Credit Credit 45  16
        Examination Examination 55  28
Mandatory attendence parzicipation: at minimum half of the seminaries

Show history

Occurrence in study plans

Academic yearProgrammeField of studySpec.ZaměřeníFormStudy language Tut. centreYearWSType of duty
2021/2022 (N1032A020001) Safety and Security Planning K Czech Ostrava 2 Compulsory study plan
2021/2022 (N1032A020001) Safety and Security Planning P Czech Ostrava 2 Compulsory study plan
2020/2021 (N1032A020001) Safety and Security Planning P Czech Ostrava 2 Compulsory study plan
2020/2021 (N1032A020001) Safety and Security Planning K Czech Ostrava 2 Compulsory study plan

Occurrence in special blocks

Block nameAcademic yearForm of studyStudy language YearWSType of blockBlock owner