639-3009/02 – Information Security Management Systems (ISMS)

Guarantor department: Department of Quality Management
Credits: 5
Subject guarantor: Ing. Václav Štverka
Subject version guarantor: Ing. Václav Štverka
Study level: undergraduate or graduate
Requirement: Choice-compulsory
Year: 1
Semester: summer
Study language: English
Year of introduction: 2015/2016
Year of cancellation: 2020/2021
Intended for the faculties: FMT
Intended for study types: Follow-up Master
Instruction secured by
| Login | Name | Tutor | Teacher giving lectures |
|---|---|---|---|
| STV06 | Ing. Václav Štverka | | |
Extent of instruction for forms of study
| Form of study | Way of compl. | Extent |
|---|---|---|
| Full-time | Credit and Examination | 3+2 |
| Part-time | Credit and Examination | 18+0 |

Subject aims expressed by acquired skills and competences

- The subject gives the theoretical basis of the ISMS requirements, their understanding and their application in practice.
- It acquaints students with the requirements of standards such as the 2700x series.
- The subject acquaints students with the procedures and practices for ISMS internal audits according to ISO/IEC 27001.
- The subject gives an overall overview of the requirements and scope of an ISMS implementation project according to the ISO/IEC 27001 standard.

Undergraduates should be able:
- to hold the position of information security management system manager (ISMS manager),
- to execute ISMS internal audits according to ISO/IEC 27001,
- to implement the information security management system in any organization.

Teaching methods

Lectures
Tutorials

Summary

The subject is based on the requirements of the information security management system and gives a basic overview of the specifications that must be fulfilled for successful implementation.

Compulsory literature:

[1] ISO/IEC 27001 Information technology — Security techniques — Information security management systems — Requirements, ISO, Geneva, Switzerland.
[2] Edward Humphreys & Angelika Plate, BIP 0071:2005: Guidelines on requirements and preparations for ISMS certification based on ISO/IEC 27001, BSI London, UK.

Recommended literature:

[1] ISO/IEC 27005 Information technology - Security techniques - Information security management system - Risk management.

Way of continuous check of knowledge in the course of semester

E-learning

Other requirements

Elaboration of the semester project (approx. 10 pages) and running tests.

Prerequisites

Subject has no prerequisites.

Co-requisites

Subject has no co-requisites.

Subject syllabus:

- Theoretical basis of the requirements for ISMS.
- Application of these requirements for ISMS in practice.
- ISMS implementation.
- Standards ISO/IEC 2700x.
- Internal audits of ISMS (ISO/IEC 27001).

Conditions for subject completion

Full-time form (validity from: 2015/2016 Winter semester, validity until: 2020/2021 Summer semester)
| Task name | Type of task | Max. number of points (act. for subtasks) | Min. number of points | Max. number of attempts |
|---|---|---|---|---|
| Credit and Examination | Credit and Examination | 100 (100) | 51 | |
| Credit | Credit | 40 | 20 | |
| Examination | Examination | 60 | 31 | 3 |

Mandatory attendance participation:


Conditions for subject completion and attendance at the exercises within ISP:


Occurrence in study plans

| Academic year | Programme | Branch/spec. | Spec. | Focus | Form | Study language | Tut. centre | Year | W | S | Type of duty |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 2017/2018 | (N3922) Economics and Management of Industrial Systems | (3902T062) Quality Management | | | P | English | Ostrava | 1 | | | Choice-compulsory |
| 2016/2017 | (N3922) Economics and Management of Industrial Systems | (3902T062) Quality Management | | | P | English | Ostrava | 1 | | | Choice-compulsory |

Occurrence in special blocks

| Block name | Academic year | Form of study | Study language | Year | W | S | Type of block | Block owner |
|---|---|---|---|---|---|---|---|---|

Assessment of instruction

The subject contains no assessment.