Course Unit Code | 155-1328/01 |
---|
Number of ECTS Credits Allocated | 5 ECTS credits |
---|
Type of Course Unit * | Compulsory |
---|
Level of Course Unit * | First Cycle |
---|
Year of Study * | Third Year |
---|
Semester when the Course Unit is delivered | Winter Semester |
---|
Mode of Delivery | Face-to-face |
---|
Language of Instruction | Czech |
---|
Prerequisites and Co-Requisites | The course follows on from the compulsory courses of the previous semester |
---|
Name of Lecturer(s) | Personal ID | Name |
---|
| MIN20 | Ing. Jan Ministr, Ph.D. |
Summary |
---|
Learning outcomes of the course unit: The aim of the course is for students to acquire basic knowledge in the field of data protection and security. Students will become familiar with the structure and properties of the integrated management system, with emphasis on the planning and implementation of an ISMS (Information Security Management System) in accordance with Czech legislation. In addition, students will acquire basic knowledge in the field of information security auditing, including the basic procedures required by a certification audit of an organization's ISMS for compliance with the international standard ISO/IEC 27001. |
Course Contents |
---|
1. Introduction to information security, information and information process
2. Cryptography, computer viruses and malicious codes
3. Computer crime
4. IMS - Integrated Management System (PDCA Model, Risk Management, QMS, EMS, OHASMS)
5. Management of informatics and information security in organization (IT Governance, IT Service Management)
6. Information Security Governance
7. Methodological frameworks COBIT and ITIL from the perspective of information security management
8. Information security management methodologies (historical development, security evaluation criteria)
9. Information security management system (establishment, implementation, monitoring, maintenance and improvement of ISMS)
10. Implementation of security measures (security policy, asset management, human resources security, physical and environmental security, communication and traffic management, access control, IS acquisition and maintenance, security incidents, business continuity management).
11. Information security audit and testing (basic security audit, ISMS certification)
12. Legal framework of information security (in the Czech Republic, EU and other institutions)
13. Trends and development of information security |
Recommended or Required Reading |
---|
Required Reading: |
---|
NAYAK, Umesha and Umesh Hodeghartta RAO. The InfoSec Handbook: An introduction to Information Security. New York: Apress. 2014. ISBN 978-1-4302-6382-1.
SCHAUB, Gary, Jr. Understanding Cybersecurity: Emerging Governance and Strategy. London: Rowman & Littlefield International. 2018. ISBN 978-1-78660-680-8. |
DOUCEK, Petr et al. Řízení informační bezpečnosti. 2nd expanded ed. Praha: Professional Publishing, 2011. ISBN 978-80-7431-050-8.
ONDRÁK, Viktor et al. Problematika ISMS v manažerské informatice. Brno: CERM, 2013. ISBN 978-80-7204-872-4.
PETROWSKI, Thorsten. Bezpečí na internetu pro všechny. Liberec: Dialog, 2014. ISBN 978-80-742-4066-9. |
Recommended Reading: |
---|
ANDRESS, Jason. The Basics of Information Security: Understanding the Fundamentals of InfoSec in Theory and Practice. 2nd ed. Amsterdam: ELSEVIER. 2014. ISBN 978-0-12-800744-0.
Computers & Security. Journal. Amsterdam: ELSEVIER. ISSN 0167-4048. |
MAISNER, Martin and Barbora VLACHOVÁ. Zákon o kybernetické bezpečnosti: Komentář. Praha: Wolters Kluwer, 2015. ISBN 978-80-7478-817-8.
KOLOUCH, Jan et al. CyberSecurity. Praha: CZ.NIC, 2019. ISBN 978-80-88168-34-8.
Security world: čtvrtletník o informační bezpečnosti. Praha: IDG Czech Republic. ISSN 1802-4505. |
Planned learning activities and teaching methods |
---|
Lectures, Individual consultations, Tutorials, Project work |
Assessment methods and criteria |
---|
Task Title | Task Type | Maximum Number of Points (Act. for Subtasks) | Minimum Number of Points for Task Passing |
---|---|---|---|
Credit and Examination | Credit and Examination | 100 (100) | 51 |
Credit | Credit | 45 | 23 |
Examination | Examination | 55 | 28 |