155-1306/01 – Information Security Management (RBI)

Gurantor departmentDepartment of Computer ScienceCredits5
Subject guarantorIng. Jan Ministr, Ph.D.Subject version guarantorIng. Jan Ministr, Ph.D.
Study levelundergraduate or graduateRequirementCompulsory
Year2Semestersummer
Study languageCzech
Year of introduction2011/2012Year of cancellation
Intended for the facultiesEKFIntended for study typesFollow-up Master
Instruction secured by
LoginNameTuitorTeacher giving lectures
MIN20 Ing. Jan Ministr, Ph.D.
Extent of instruction for forms of study
Form of studyWay of compl.Extent
Full-time Credit and Examination 2+1

Subject aims expressed by acquired skills and competences

The goal is for students to understand the structure and properties of the integrated management system with emphasis on planning and implementation of the ISMS (Information Security Management System) in compliance with Czech legislation. Students also acquire basic knowledge in the field of auditing information security including basic procedures that require certification audit for compliance ISMS in the organization with the international standard ISO / IEC 27001.

Teaching methods

Lectures
Tutorials

Summary

Compulsory literature:

CAZEMIER, J, A., OVERBEEK, P. a L., PETERS. Information Security Management with ITIL V®3. Zaltbommel: Van Haren Publisching. 2010. s. 132. ISBN 978-90-8753-552-0.

Recommended literature:

WHITMAN, Michael E. a Herbert J. MATTORD. Management of Information Security. Third Edition. Boston: Course Technology, 2010. s. 546.ISBN 978-1-4354-8884-7. ANDRESS, Jason. The Basic of Information Security – Understanding the Fundamentals of InfoSec in Theory and Practise. Amsterdam: Synger Press, 2011. s. 171. ISBN 978-1-59794-653-7.

Way of continuous check of knowledge in the course of semester

E-learning

Další požadavky na studenta

Exercise: 1. Active work to exercise, at least 80% attendance. 2.The ability to correctly solve the problem situation at seminars on the subject, meet ongoing challenges. 3. Successful defense of the final project (profit credit).

Prerequisities

Subject has no prerequisities.

Co-requisities

Subject has no co-requisities.

Subject syllabus:

1. IMS - Integrated Management System (Model PCDA, risk management, QMS, EMS, OHASMS)) 2. Management science and information security in the organization (Governanace IT, IT Service Management) 3. Management science and information security in the organization (Information Security Governance) 4. COBIT methodology from the perspective of information security management 5. ITIL methodology in terms of information security management 6th Methodology for Information Security Management (historical development, evaluation criteria of safety) 7. Methodology for Information Security Management (Information Security Management normalization) 8. Information Security Management System (provision, implementation, monitoring, maintenance and improvement of the ISMS) 9. Implementation of security measures (security policy, asset management, safety in terms of human resources, physical security and environmental security, communication management and operations management, access control, acquisition and maintenance of IS security incidents, business continuity management. 10. Audit testing and information security (basic security auditing, certification ISMS) 11. Legal framework for information security (in the Czech Republic, the EU and other institutions) 12. Trends and developments in information security exercise: Processing of the ISMS project on an assigned topic.

Conditions for subject completion

Full-time form (validity from: 2013/2014 Winter semester)
Task nameType of taskMax. number of points
(act. for subtasks)
Min. number of points
Exercises evaluation and Examination Credit and Examination 100 (100) 51
        Exercises evaluation Credit 35  15
        Examination Examination 65  16
Mandatory attendence parzicipation:

Show history

Occurrence in study plans

Academic yearProgrammeField of studySpec.FormStudy language Tut. centreYearWSType of duty
2019/2020 (N6209) Systems Engineering and Informatics (6209T017) Informatics in Economics P Czech Ostrava 2 Compulsory study plan
2018/2019 (N6209) Systems Engineering and Informatics (6209T017) Informatics in Economics P Czech Ostrava 2 Compulsory study plan
2017/2018 (N6209) Systems Engineering and Informatics (6209T017) Informatics in Economics P Czech Ostrava 2 Compulsory study plan
2016/2017 (N6209) Systems Engineering and Informatics (6209T025) System Engineering and Informatics P Czech Ostrava 2 Compulsory study plan
2015/2016 (N6209) Systems Engineering and Informatics (6209T025) System Engineering and Informatics P Czech Ostrava 2 Compulsory study plan
2013/2014 (N6209) Systems Engineering and Informatics (6209T025) System Engineering and Informatics P Czech Ostrava 2 Compulsory study plan
2013/2014 (N6209) Systems Engineering and Informatics (6209T025) System Engineering and Informatics (00) System Engineering and Informatics P Czech Ostrava 2 Compulsory study plan

Occurrence in special blocks

Block nameAcademic yearForm of studyStudy language YearWSType of blockBlock owner