diplomsko delo
Luka Arnaudov (Author), Alenka Brezavšček (Mentor), Anže Zaletel (Co-mentor)

Abstract

V diplomskem delu smo obravnavali področje upravljanja z varnostnimi incidenti. Na podlagi preučene literature, med katero so predvsem mednarodni standardi in priročniki, smo prenovili sistem upravljanja z incidenti v podjetju Iskraemeco d. d. Ob tem smo sledili usmeritvam standardov ISO/IEC 27001:2013 in ISO/IEC 27002:2013, ki pokrivata področje upravljanja varovanja informacij. Podjetje je certificirano po prvem izmed omenjenih standardov, zato je bil cilj naloge tudi izboljšanje skladnosti s tem standardom. Po posnetku stanja smo preučili možne izboljšave in prenovili obrazec za poročilo o incidentu ter s pomočjo programskega orodja razvili portal za hranjenje le-teh. Razvili smo tudi portal z nadzorno ploščo, ki omogoča boljši pregled nad stanjem incidentov in izvajanjem akcijskih načrtov za odpravo njihovih posledic. Izvedbo prenovljenega procesa poročanja o varnostnih incidentih smo demonstrirali na hipotetičnem primeru.

Keywords

varnostni incident;informacijska varnost;upravljanje;podjetje;

Data

Language: Slovenian
Year of publishing:
Typology: 2.11 - Undergraduate Thesis
Organization: UM FOV - Faculty of Organizational Sciences
Publisher: [L. Arnaudov]
UDC: 004
COBISS: 183864067 Link will open in a new window
Views: 12
Downloads: 0
Average score: 0 (0 votes)
Metadata: JSON JSON-RDF JSON-LD TURTLE N-TRIPLES XML RDFA MICRODATA DC-XML DC-RDF RDF

Other data

Secondary language: English
Secondary title: Renovation of the security incident management system
Secondary abstract: In the diploma thesis, we addressed the area of security incident management. Based on the literature studied, which primarily consists of international standards and manuals, we revamped the incident management system at Iskraemeco d. d. In this process, we followed the guidelines of the ISO/IEC 27001:2013 and ISO/IEC 27002:2013 standards, which cover the field of information security management. The company is certified according to the first of these standards, so a goal of the task was also to improve compliance with this standard. After assessing the current state, we examined potential improvements and revamped the incident report form. With the help of software tools, we developed a portal for storing these reports. We also created a dashboard portal that allows for better oversight of the incident status and the implementation of action plans to mitigate their consequences. The implementation of the revised process for reporting security incidents was demonstrated using a hypothetical example.
Secondary keywords: Varstvo podatkov (računalništvo);Univerzitetna in visokošolska dela;
Type (COBISS): Bachelor thesis/paper
Thesis comment: Univ. v Mariboru, Fak. za organizacijske vede
Pages: VI, 41 f.
ID: 21876920
Recommended works:
, diplomsko delo visokošolskega strokovnega programa Informacijska varnost
, diplomsko delo visokošolskega študijskega programa Informacijska varnost
, diplomsko delo visokošolskega študijskega programa Informacijska varnost