delo diplomskega seminarja
Nina Jeznik (Author), Samo Bobek (Mentor)

Abstract

Vsako podjetje posluje s pomočjo informacijskega sistema, kateri je neprestano v nevarnosti, če ne poskrbimo za njegovo dobro zaščito. Informacije predstavljajo ključni del poslovanja podjetja in zahtevajo potrebo po celovitosti, razpoložljivosti in zaupnosti. Prvi del dela diplomskega seminarja je teoretičen in zajema vprašanje zakaj je potrebno informacije sploh varovati, kako upravljamo z informacijami, kateri standardi nam priporočajo dobre prakse s področja varovanja informacij, podroben opis družine standardov ISO/IEC 27000 ter proces vzpostavitve sistema upravljanja varovanja informacij in njegove prednosti. Drugi praktičen del dela diplomskega seminarja prikazuje vzpostavitev sistema upravljanja varovanja informacij na konkretnem primeru podjetja Dravskih elektrarn Maribor, ki so določile začasno projektno organizacijo z namenom projekta uvedbe SUVI. Skozi postopek vzpostavitve opisujem proces SUVI od priprave dokumentacije, popisa informacijskih sredstev, določanja groženj in ranljivosti, kontrol za zmanjšanje tveganja, notranje in zunanje presoje ter do pridobitve certifikata.

Keywords

informacije;varovanje;varstvo podatkov;upravljanje;sistemi;tveganje;informacijska tehnologija;

Data

Language: Slovenian
Year of publishing:
Source: Maribor
Typology: 2.11 - Undergraduate Thesis
Organization: UM EPF - Faculty of Economics and Business
Publisher: [N. Jeznik]
UDC: 659.2:004
COBISS: 10852892 Link will open in a new window
Views: 2172
Downloads: 336
Average score: 0 (0 votes)
Metadata: JSON JSON-RDF JSON-LD TURTLE N-TRIPLES XML RDFA MICRODATA DC-XML DC-RDF RDF

Other data

Secondary language: English
Secondary title: Implementation of information security management system in company Dravske elektrarne Maribor
Secondary abstract: Each company operates through the informational system, which is constantly at risk if they are not provided with good protection. Information is the main part of the company and requires integrity, availability and confidentiality needs. The first part of the graduate seminar contains theoretical basics and covers questions why the information are required to be protected, how to manage with the information, which standards recommend us good practices in information security, details about the ISO 21000 family of standards and the process of implementation information security management system and its benefits. The second part is practical and shows the establishment of information security management system with concrete example of the Drava power plant Maribor Company (Dravske elektrarne Maribor). They have set a temporary project organization for the purpose of the project to introduce information security management system. Throughout the procedure of reestablishment I described ISMS (information Security Management System). I represented it from preparation of documentation; informational means inventory, identifying threats and vulnerabilities, risk reduction controls, internal and external judgments to certificate acquirement.
Secondary keywords: ISO/IEC 27001;information security;security policy;security standards;Information Security Management System;
URN: URN:SI:UM:
Type (COBISS): Final seminar paper
Thesis comment: Univ. v Mariboru, Ekonomsko-poslovna fak.
Pages: 48, XV str.
Keywords (UDC): applied sciences;medicine;technology;uporabne znanosti;medicina;tehnika;communication and transport industries;accountancy;business management;public relations;komunikacije in transport;knjigovodstvo;poslovni menedžment;stiki z javnostjo;publicity;information work;public relations;stiki z javnostjo;reklama;information work;advisory and consultancy services;informacije;informiranje;informacijski sistemi;science and knowledge;organization;computer science;information;documentation;librarianship;institutions;publications;znanost in znanje;organizacije;informacije;dokumentacija;bibliotekarstvo;institucije;publikacije;prolegomena;fundamentals of knowledge and culture;propaedeutics;prolegomena;splošne osnove znanosti in kulture;computer science and technology;computing;data processing;računalniška znanost in tehnologija;računalništvo;obdelava podatkov;
ID: 1015768