639-0822/01 – Information Security Management Systems (ISMS)
Guarantor department | Department of Quality Management | Credits | 7 |
Subject guarantor | Ing. Václav Štverka | Subject version guarantor | Ing. Václav Štverka |
Study level | undergraduate or graduate | Requirement | Choice-compulsory |
Year | 1 | Semester | summer |
| | Study language | Czech |
Year of introduction | 2007/2008 | Year of cancellation | 2018/2019 |
Intended for the faculties | FMT | Intended for study types | Follow-up Master |
Subject aims expressed by acquired skills and competences
- The subject is based on the requirements of the information security management system and gives a basic overview of the specifications that must be fulfilled for successful implementation.
- It gives the theoretical basis of the ISMS requirements, their understanding and their application in practice.
- It introduces the requirements of standards such as the 2700x series.
- The subject introduces the procedures and practices for ISMS internal audits according to ISO/IEC 27001.
- The subject gives an overall overview of the requirements and scope of an ISMS implementation project according to the ISO/IEC 27001 standard.
Undergraduates should be able:
- to hold a position of the information security management system manager (ISMS manager),
- to execute ISMS internal audits according to ISO/IEC 27001,
- to implement the information security management system in any organization.
Teaching methods
Lectures
Tutorials
Project work
Summary
The subject focuses on basic information about the implementation and maintenance of the information security management system.
Compulsory literature:
Ing. Václav Štverka, CISA, CISM: INFORMATION SECURITY MANAGEMENT SYSTEM ACCORDING TO ISO/IEC 27001:2005, PRESENTATION
Standards ISO/IEC 27000 Information technology - Security techniques - Information security management system - Overview and vocabulary
ISO/IEC 27001 Information technology — Security techniques — Information security management systems — Requirements
ISO/IEC 27002 (ISO/IEC 17799:2006) Information technology — Security techniques — Code of practice for information security management
Recommended literature:
ISO/IEC 27005 Information technology - Security techniques - Information security management system - Risk management
Additional study materials
Way of continuous check of knowledge in the course of semester
E-learning
Other requirements
There are no other requirements in this subject.
Prerequisites
Subject has no prerequisites.
Co-requisites
Subject has no co-requisites.
Subject syllabus:
- Theoretical basis of the requirements for ISMS.
- Application of these requirements for ISMS in practice.
- ISMS implementation.
- Standards ISO/IEC 2700x.
- Internal audits of ISMS (ISO/IEC 27001).
Conditions for subject completion
Occurrence in study plans
Occurrence in special blocks
Assessment of instruction
The subject contains no assessment.