| Course Unit Code | 155-1306/01 |
|---|
| Number of ECTS Credits Allocated | 5 ECTS credits |
|---|
| Type of Course Unit * | Compulsory |
|---|
| Level of Course Unit * | Second Cycle |
|---|
| Year of Study * | Second Year |
|---|
| Semester when the Course Unit is delivered | Summer Semester |
|---|
| Mode of Delivery | Face-to-face |
|---|
| Language of Instruction | Czech |
|---|
| Prerequisites and Co-Requisites | Course succeeds to compulsory courses of previous semester |
|---|
| Name of Lecturer(s) | Personal ID | Name |
|---|
| MIN20 | Ing. Jan Ministr, Ph.D. |
| Summary |
|---|
|
| Learning Outcomes of the Course Unit |
|---|
| The goal is for students to understand the structure and properties of the integrated management system with emphasis on planning and implementation of the ISMS (Information Security Management System) in compliance with Czech legislation. Students also acquire basic knowledge in the field of auditing information security including basic procedures that require certification audit for compliance ISMS in the organization with the international standard ISO / IEC 27001. |
| Course Contents |
|---|
1. IMS - Integrated Management System (Model PCDA, risk management, QMS, EMS, OHASMS))
2. Management science and information security in the organization (Governanace IT, IT Service Management)
3. Management science and information security in the organization (Information Security Governance)
4. COBIT methodology from the perspective of information security management
5. ITIL methodology in terms of information security management
6th Methodology for Information Security Management (historical development, evaluation criteria of safety)
7. Methodology for Information Security Management (Information Security Management normalization)
8. Information Security Management System (provision, implementation, monitoring, maintenance and improvement of the ISMS)
9. Implementation of security measures (security policy, asset management, safety in terms of human resources, physical security and environmental security, communication management and operations management, access control, acquisition and maintenance of IS security incidents, business continuity management.
10. Audit testing and information security (basic security auditing, certification ISMS)
11. Legal framework for information security (in the Czech Republic, the EU and other institutions)
12. Trends and developments in information security
exercise:
Processing of the ISMS project on an assigned topic. |
| Recommended or Required Reading |
|---|
| Required Reading: |
|---|
| CAZEMIER, J, A., OVERBEEK, P. a L., PETERS. Information Security Management with ITIL V®3. Zaltbommel: Van Haren Publisching. 2010. s. 132. ISBN 978-90-8753-552-0. |
| DOUCEK, Petr et al. Řízení informační bezpečnosti. 2. rozšířené vyd. Praha: Profesional Publishing, 2011. 286 s. ISBN 978-80-7431-050-8. |
| Recommended Reading: |
|---|
WHITMAN, Michael E. a Herbert J. MATTORD. Management of Information Security. Third Edition. Boston: Course Technology, 2010. s. 546.ISBN 978-1-4354-8884-7.
ANDRESS, Jason. The Basic of Information Security – Understanding the Fundamentals of InfoSec in Theory and Practise. Amsterdam: Synger Press, 2011. s. 171. ISBN 978-1-59794-653-7.
|
PUŽMANOVÁ, R. Bezpečnost bezdrátové komunikace. Brno: Copmputer press. 2005. s. 200. ISBN 80-251-0791-4.
SMELKAL, V.Kybernetická kriminalita. 2. vyd. Plzeň: Aleš Čeněk, 2018. s.934. ISBN 978-80-7380-720-7.
|
| Planned learning activities and teaching methods |
|---|
| Lectures, Tutorials |
| Assesment methods and criteria |
|---|
| Task Title | Task Type | Maximum Number of Points
(Act. for Subtasks) | Minimum Number of Points for Task Passing |
|---|
| Exercises evaluation and Examination | Credit and Examination | 100 (100) | 51 |
| Exercises evaluation | Credit | 35 | 15 |
| Examination | Examination | 65 | 16 |