|
Lecturer(s)
|
-
Drastich Martin, Ing. Ph.D., MBA
|
|
Course content
|
1. Introduction into problems, basic terms. 2. Current situation of information security in Czech Republic. 3. Reason and motive escape and loss. 4. Implementation information security management system. 5. Physical (technical) security. 6. Regime protection, personal protection. 7. HW protection, SW protection. 8. Security of network. Encryption. Encryption algorithm. Symmetrical and asymmetrical encryption. Electronic signature. 9. Security elements in network: security gates, security protocols. 10. Security system: beck up, protection source, check integrity, monitoring, antivirus protection. 11. Process during attack: unveiling penetration, renew system. 12. Information security management system and law, legislative norm. This subject is innovated by the latest knowledge in the field of current research situation information security. These findings are taken from recent studies published by recognized firms such as PricewaterhouseCoopers, NBU - National Security Authority and journal DSM - Data Security Management. Subject is innovated about the case studies used in the course are consistently upgraded and are used for analyses. The analyses and discussions are an important part of the educational process. The innovation of the subject was established within a project CZ.1.07/2.2.00/28.0138 "Modularization of Managerial and Psychological Education at Palacky University in Olomouc through Innovating and Linking Economic and Psychological Study Programs."
|
|
Learning activities and teaching methods
|
Lecture, Dialogic Lecture (Discussion, Dialog, Brainstorming)
- Preparation for the Exam
- 25 hours per semester
- Attendace
- 28 hours per semester
- Homework for Teaching
- 22 hours per semester
- Semestral Work
- 25 hours per semester
|
|
Learning outcomes
|
Target of subject is obtaining background knowledge and basic concepts in the area security management and risk analysis. Students will be able to do risk analysis in area physical, organization, personal, software, hardware, information systems and communication network. There will be practical cases from risk analysis. Student is able to describe area like electronic signature, beck up, plan renewal, plan continuity, law etc.
- Student is able to define discipline security management. - Student is able to describe current situation information security in Czech Republic. - Student is able to explain main parts of security management - Student is able to define term as information security incident, risk, classification of information - Student is able to do risk analysis - Student is able to anticipate reason of people failure
|
|
Prerequisites
|
KAE/Management completion is recommended.
|
|
Assessment methods and criteria
|
Written exam
Attendance (2 absences allowed) Elaboration of a case study and its defence in the lessons. Participation in model situations during seminars.
|
|
Recommended literature
|
-
Český normalizační institut 2006. " ČSN ISO/IEC 27001 - Informační technologie - Bezpečnostní techniky - Systémy managementu bezpečnosti informací - Požadavky.
-
LÁTAL, I., ŠTANTEJSKÝ, M. Bezpečnostní zásady ochrany podniku (Prevence a řešení krizových situací). Praha: Prospektrum, 2001. 119 str. ISBN 80-7175-091-3.
-
PricewaterhouseCoopers, Národní bezpečnostní úřad a časopis DSM - data security management. Průzkum stavu informační bezpečnosti 2009.
-
STEINER, F.; TUPA, J. Management rizik v systémech řízení bezpečnosti informací. In MOPP 2007. V Plzni: Západočeská univerzita, 2007. s. 183. ISBN 978-80-7043-535-9..
-
ŠEBESTA, V., ŠTVERKA, V., STEINER, F., ŠEBESTOVÁ, M. Praktické zkušenosti z implementace systému managementu bezpečnosti informací podle ČSN BS 7799-2:2004 a komentované vydání ISO/IEC 27001:2005, Český normalizační institut. Praha: 2006. 50str. ISBN 80-7283-204-2.
-
ŠEBESTA, V.; ŠTVERKA, V.; ŠEBESTOVÁ, M.; SEDLÁČEK, M. Systémy řízení bezpečnosti informací, Část 3: Směrnice pro management rizik bezpečnosti informací podle BS 7799-3:2005 s komentářem k managementu rizik v ISMS. Praha: Český normalizační institut. Praha: 2007. 50 str..
|