diplomsko delo
Tamara Meglič (Author), Alenka Brezavšček (Mentor)

Abstract

Uvod: V diplomskem delu smo v prvi fazi raziskali dejansko stanje informacijske varnosti podjetja. Analiza stanja nam je pokazala, na katerih področjih so potrebne izboljšave. Osredotočili smo se na varnostno politiko informacijskega sistema in vpeljavo ISO/IEC 27001:2017. Namen: Zagotavljanje informacijske varnosti je za Skupino LOTRIČ Metrology ključnega pomena, zato je bistveno, da k obravnavani tematiki pristopimo celovito in sistematično. Standard ISO/IEC 27001:2017 je odlično orodje za pravilen in učinkovit pristop k izboljšanju stanja informacijske varnosti Skupine LOTRIČ Metrology, zato smo pristopili k implementaciji le-tega. Metode dela: V sklopu diplomske naloge smo naredili prve korake k vpeljavi standarda ISO/IEC 27001:2017 in pridobitvi certifikata. Dodobra smo preučili dejansko stanje varnostne politike. V raziskavo smo vključili osebe s ključnimi znanji in izkušnjami. Skupaj smo ustvarili primerjalno tabelo, s katero smo ugotovili, v kateri del poslovnika je smiselno umestiti zahteve standarda. V nadaljevanju smo naredili plan vpeljave ter vprašalnik za notranjo presojo. Rezultati: Vpeljava standarda ISO/IEC 27001:2017 je velik doprinos skupini LOTRIČ Metrology, predvsem za nenehno izpopolnjevanje in razvoj. Redno se bo izvajalo tudi preverjanje uresničevanja zahtev standarda, kar bo pripomoglo, da bo skupina LOTRIČ Metrology živela s strategijo vpeljane varnostne politike. Razprava in zaključek: Diplomska naloga prispeva k analitiki stanja in soodloča o izboru pravilnih zahtev pri vpeljavi standarda ISO/IEC 27001:2017.

Keywords

informacijska varnost;standardi;ISO 27001;certificiranje;

Data

Language: Slovenian
Year of publishing:
Typology: 2.11 - Undergraduate Thesis
Organization: UM FOV - Faculty of Organizational Sciences
Publisher: [T. Meglič]
UDC: 004
COBISS: 177215747 Link will open in a new window
Views: 29
Downloads: 0
Average score: 0 (0 votes)
Metadata: JSON JSON-RDF JSON-LD TURTLE N-TRIPLES XML RDFA MICRODATA DC-XML DC-RDF RDF

Other data

Secondary language: English
Secondary title: Implementation of iso 27001 in LOTRIČ Metrology Group
Secondary abstract: Introduction: In the first phase of the thesis, we investigated the actual state of information security in the company. The analysis of the situation revealed us in whitch areas improvements are needed.. We focused on the information system security policy and the implementation of ISO/IEC 27001:2017. Purpose: Ensuring information security is of key importance to LOTRIČ Metrology Group, and it is therefore crucial that we approach the subject in a comprehensive and systematic manner. The ISO/IEC 27001:2017 standard is an excellent tool for a correct and effective approach to improving the information security situation of LOTRIČ Metrology Group, and we have therefore taken the initiative to implement it. Works methods: As part of the thesis, we took the first steps towards the implementation of the ISO/IEC 27001:2017 standard and obtaining the certificate. We have further examined the actual state of security policy. We included people with key skills and experience in the research. Together, we created a comparison table to determine in which part of the rules of procedure it makes sense to include the requirements of the standard. We then created an implementation plan and an internal audit questionnaire. Results: The implementation of the ISO/IEC 27001:2017 standard is a great contribution to the LOTRIČ Metrology Group, especially for continuous improvement and development. Regular verification of the implementation of the requirements of the standard will also be carried out, which will help the LOTRIČ Metrology Group to live up to the strategy of the implemented security policy. Discussion and conclusion: The thesis contributes to the analysis of the situation and co-decides on the selection of the correct requirements for the implementation of the ISO/IEC 27001:2017 standard.
Secondary keywords: Varnost sistemov;Univerzitetna in visokošolska dela;
Type (COBISS): Bachelor thesis/paper
Thesis comment: Univ. v Mariboru, Fak. za organizacijske vede
Pages: VI, 61 f.
ID: 20047490