155-1306/01 – Information Security Management (RBI)
Guarantor department | Department of Applied Informatics | Credits | 5 |
Subject guarantor | Ing. Jan Ministr, Ph.D. | Subject version guarantor | Ing. Jan Ministr, Ph.D. |
Study level | undergraduate or graduate | Requirement | Compulsory |
Year | 2 | Semester | summer |
| | Study language | Czech |
Year of introduction | 2011/2012 | Year of cancellation | 2021/2022 |
Intended for the faculties | EKF | Intended for study types | Follow-up Master |
Subject aims expressed by acquired skills and competences
The goal is for students to understand the structure and properties of an integrated management system, with emphasis on planning and implementing an ISMS (Information Security Management System) in compliance with Czech legislation. Students also acquire basic knowledge of information security auditing, including the basic procedures required by a certification audit of the organization's ISMS for compliance with the international standard ISO/IEC 27001.
Teaching methods
Lectures
Tutorials
Summary
Compulsory literature:
Recommended literature:
Additional study materials
Way of continuous check of knowledge in the course of semester
E-learning
Other requirements
Exercise:
1. Active participation in exercises, at least 80% attendance.
2. The ability to correctly solve problem situations in seminars on the subject and to complete ongoing assignments.
3. Successful defense of the final project (to obtain credit).
Prerequisites
Subject has no prerequisites.
Co-requisites
Subject has no co-requisites.
Subject syllabus:
1. IMS - Integrated Management System (PDCA model, risk management, QMS, EMS, OHASMS)
2. Management science and information security in the organization (IT Governance, IT Service Management)
3. Management science and information security in the organization (Information Security Governance)
4. COBIT methodology from the perspective of information security management
5. ITIL methodology in terms of information security management
6. Methodology for Information Security Management (historical development, security evaluation criteria)
7. Methodology for Information Security Management (standardization of Information Security Management)
8. Information Security Management System (provision, implementation, monitoring, maintenance and improvement of the ISMS)
9. Implementation of security measures (security policy, asset management, human resources security, physical and environmental security, communications and operations management, access control, acquisition and maintenance of IS, security incidents, business continuity management)
10. Auditing and testing of information security (basic security auditing, ISMS certification)
11. Legal framework for information security (in the Czech Republic, the EU and other institutions)
12. Trends and developments in information security
Exercise:
Processing of the ISMS project on an assigned topic.
Conditions for subject completion
Occurrence in study plans
Occurrence in special blocks
Assessment of instruction