050-0702/01 – Security of information systems (BIS)

Gurantor department	Department of Civil Protection	Credits	4
Subject guarantor	doc. Ing. Pavel Šenovský, Ph.D.	Subject version guarantor	doc. Ing. Pavel Šenovský, Ph.D.
Study level	undergraduate or graduate	Requirement	Compulsory
Year	1	Semester	winter
		Study language	English
Year of introduction	2021/2022	Year of cancellation
Intended for the faculties	FBI	Intended for study types	Bachelor

Instruction secured by
Login	Name	Tuitor	Teacher giving lectures
SEN76	doc. Ing. Pavel Šenovský, Ph.D.

Extent of instruction for forms of study
Form of study	Way of compl.	Extent
Full-time	Graded credit	2+2

Subject aims expressed by acquired skills and competences

Information systems security assessment on the basis of risk analysis. The synthesis of knowledge into the area of security policy.

Teaching methods

Lectures
Tutorials

Summary

Information systems collect increasing amount of information. Students will familiarize with some proved procedures and standards for the security check of the systems as well as with basic methods of forensic analysis of computers as one of the basic tools of searching the reasons of failure.

Compulsory literature:

ŠENOVSKÝ, P. Security of Information Systems. 3rd edition, VŠB-TU Ostrava: Ostrava, 2021, 76 p.

Recommended literature:

BUCKSTEEG, Martin. ITIL 2011. Brno: Computer Press, 2012. ISBN 978-80-251-3732-1 ISO/IEC 27001:2013 Information technology – Security techniques – Information security management systems – Requirements ISO/IEC 27002:2013 (previously ISO/IEC 17799:2005) Information technology - Security techniques - Code of practice for information security management ISO/IEC 27005:2011 Information technology - Security techniques - Information security risk management

Way of continuous check of knowledge in the course of semester

Students will develop, as part of team work, safety politics of IT, document for management of the configurations and risk analysis of chosen IT asset. Written exam.

E-learning

Other requirements

There are not defined next requirements for the student.

Prerequisities

Subject has no prerequisities.

Co-requisities

Subject has no co-requisities.

Subject syllabus:

1. Introduction to security of the information systems 2. ISO 27 000 - ISMS 3. IT Security politics of the organization 4. Risk management for IT systems 5. Configuration management 6. Case studies of the ISO 27 000 documentation 7. COBIT standard 8. ITIL standard 9. Software support for IT security management 10. Anatomy of security incident 11. Forensic analysis of the PC 12. Forensic analysis of mobile devices 13. Current security threats in IT and their connection IT security management

Conditions for subject completion

Full-time form (validity from: 2021/2022 Winter semester)

Task name	Type of task	Max. number of points (act. for subtasks)	Min. number of points	Max. počet pokusů
Graded credit	Graded credit	100	51	3

Mandatory attendence participation: 3 unexcused absences on exercise tolerated

Show history

Conditions for subject completion and attendance at the exercises within ISP: preparing and defending semestral project

Show history

Occurrence in study plans

Academic year	Programme	Form	Study language	Tut. centre	Year	Type of duty
2024/2025	(B1032A020013) Safety and Security	P	English	Ostrava	1	Compulsory	study plan
2023/2024	(B1032A020013) Safety and Security	P	English	Ostrava	1	Compulsory	study plan
2022/2023	(B1032A020013) Safety and Security	P	English	Ostrava	1	Compulsory	study plan

Occurrence in special blocks

Block name	Academic year	Form of study	Study language	Year	W	S	Type of block	Block owner

Assessment of instruction

Předmět neobsahuje žádné hodnocení.