magistrsko delo
Abstract
Informacijska varnostna politika varuje organizacijo pred različnimi zunanjimi in notranjimi vplivi, ki bi lahko posegli v celovitost informacijskega sistema in s tem organizacije kot celote. V času naraščajočih in realnih varnostnih groženj, s katerimi se soočajo organizacije, predstavlja učinkovita varnostna politika pomemben element za stabilnost, varnost in nemoteno poslovanje organizacije. Grožnje ne ostajajo samo na papirju, ampak se odražajo v številnih posledicah za organizacijo, kot so finančne, posledice ki se nanašajo na ugled in dobro ime organizacije, motnje in onemogočanje poslovanja, preiskave incidentov terjajo veliko časa in denarja, težave s povrnitvijo v prejšnje stanje, nestabilnost organizacije, ki lahko v skrajnem primeru vodijo celo v propad organizacije. Informacijska varnostna politika predstavlja celovit načrt varovanja informacij in delovnih procesov v organizaciji. Opredeljuje tiste mehanizme, preko katerih se zagotovi ustrezen sistem varovanja in zgradita varen računalniški sistem in omrežje v podjetju. Univerza v Mariboru je druga največja in druga najstarejša Univerza v Sloveniji, saj na njej študira preko 20.000 študentov in zaposluje več kot 1700 ljudi. Tako velika organizacija ima zelo kompleksen informacijski sistem, ki potrebuje dobro varovanje, zato je sestava informacijske varnostne politike za Univerzo v Mariboru ključnega pomena. Informacijska varnostna politika Univerze v Mariboru mora temeljiti na glavnih standardih s področja informacijske varnosti. Najboljšo prakso predstavlja standard ISF ki predstavlja idejno zasnovo varnostne politike Univerze v Mariboru v tem magistrskem delu. ISF standard temelji na mednarodnih standardih ISO 27001 in ISO 27002. Predlog informacijske varnostne politike Univerze v Mariboru obsega vsa pomembna področja varovanja informacijskega sistema in informacij. Tako ureja varnostno upravljanje kjer opredeljuje vlogo vodstva, ključne poslovne aplikacije, omrežni del, strojno opremo, in okolje končnih uporabnikov, torej študentov, zaposlenih in drugih uporabnikov informacijskih storitev UM.
Keywords
varnostna politika;informacijska varnost;računalniški centri;organizacije;Univerza v Mariboru;magistrska dela;
Data
Language: |
Slovenian |
Year of publishing: |
2013 |
Typology: |
2.09 - Master's Thesis |
Organization: |
UM FVV - Faculty of Criminal Justice |
Publisher: |
R. Kralj] |
UDC: |
004.056(043.2) |
COBISS: |
2661354
|
Views: |
1773 |
Downloads: |
279 |
Average score: |
0 (0 votes) |
Metadata: |
|
Other data
Secondary language: |
English |
Secondary abstract: |
Information security policy protects the organization from a variety of internal and external risks that could affect the integrity of the information system and the organization as a whole. In the time when real security threats are on the rise, implementing an effective security policy is an important element for the stability, safety and smooth operation of the organization. Threats do not remain only on paper, but can manifest in a number of consequences for the organization, such as financial, consequences concerning the reputation and good name of the organization, denial of service and disabling organizational processes, investigation of incidents requires lot of time and money, organizational instability, which in extreme cases can lead to the collapse of the company. Information Security Policy represents a comprehensive security plan for the information and work processes in the organization. It defines mechanisms which allow us to build a secure computer system and network in the company. University of Maribor, the second largest and second-oldest university in Slovenia, has more than 20,000 students and employs more than 1,700 people. Such a large organization has a very complex information system that needs good protection. Implementation of information security policy for the University of Maribor is therefore crucial. University of Maribor information security policy is based on the main world standards of information security. ISF standard presentes best practices for managing IT systems from a business perspective but also in a practical way. It represents the basis for University of Maribor information security policy in this thesis. ISF standard is based on international standards ISO 27001 and ISO 27002 for information security. Information Security Policy at the University of Maribor covers all important areas of information system security. It regulates safety management which defines the role of leadership, business-critical applications, network , hardware and end user environment. |
URN: |
URN:SI:UM: |
Type (COBISS): |
Master's thesis/paper |
Thesis comment: |
Univ. v Mariboru, Fak. za varnostne vede, Ljubljana |
Pages: |
81 str. |
ID: |
8727876 |