Management varnosti informacijskih tehnologij
diplomsko delo
Abstract
Diplomsko dela obsega področje managementa varnosti informacijskih tehnologij, politiko varnosti, pomembnejše standarde na področju varnosti informacijskih tehnologij, presoje ali audite informacijskih sistemov in tehnologije ter praktični primer uvedbe varnosti informacijske tehnologije v podjetju Cablex – M d.o.o. Management varnosti informacijskih tehnologij proučuje slabosti in nevarnosti sistemov informacijske tehnologije, predvsem z ugotavljanjem groženj, rizikov in možnih protiukrepov. Obsega management varnosti, ki poda možne pristope k proučevanju problematike varnosti informacijskih tehnologij in ustrezne ukrepe, in management katastrof, ki opredeljuje pristop organizacije do morebitnih nepredvidljivih naravnih katastrof in terorističnih napadov. Pomeni načrtovanje ponovnega zagona poslovanja, ponovne nabave izgubljene opreme in krizno organizacijo. Politika varnosti obsega predvsem vsebino, ki jo politika proučuje, to so na primer standardi nadzora dostopov, odgovornosti, nadzor in sledenje, načrt bodočega poslovanja in drugo. Poleg tega nadrobneje opisujemo proces načrtovanja za politiko in različne pristope k politiki kot klasifikacijo politik na regulativne, svetovalne in informativne. Kot pomembnejši standard na področju varnosti informacijske tehnologije je izpostavljen in opisan mednarodni standard ISO 17799 in družina mednarodnih standardov ISO 24000, ki pa so še vedno v procesu nastajanja. Kot kontrolni mehanizem in predvsem pri začetnem analiziranju organizacije ob uvajanju managementa varnosti informacijskih tehnologij opisujemo audite ali presoje informacijskih sistemov in tehnologij. Poglavje obsega vrste auditov in auditorjev, sam proces izvajanja in vire informacij za izdelavo končnih poročil. Kot praktični primer navajamo ukrepe, ki jih je sprejelo podjetje Cablex – M d.o.o. s proučevanjem njihove varnosti informacijske tehnologije, dokumentirane s predpisi in pravilniki.
Keywords
poslovna informatika;informacijski sistemi;informacijska tehnologija;varnost;management;standardi;mednarodni standardi;
Data
| Language: | Slovenian |
|---|---|
| Year of publishing: | 2009 |
| Source: | Maribor |
| Typology: | 2.11 - Undergraduate Thesis |
| Organization: | UM EPF - Faculty of Economics and Business |
| Publisher: | [P. Zorman] |
| UDC: | 659.23:004.6 |
| COBISS: |
9904924
|
| Views: | 3027 |
| Downloads: | 182 |
| Average score: | 0 (0 votes) |
| Metadata: |
|
Other data
| Secondary language: | English |
|---|---|
| Secondary title: | Security management of information technology |
| Secondary abstract: | The diploma thesis includes security management of information technology, security policy, important standards at the field of information technology, audits of information systems and technology and a practical case of implementing security of information technology in the company Cablex – M d.o.o. Security management of information technology studies the weaknesses and dangers of information technology systems, above all by researching threats, risks and possible countermeasurments. It includes security management that supplies us with possible solutions of encountering security problems of information technology and gives us possible suitable measures, and catastrophe management that defines how an organization should act in the case of an unpredictable natural catastrophe or terror attack. It means planning a reboot of production, repurchasing of lost equipment and a crisis organization. Security policy includes above all the content that the security policy investigates; these are for example access control standards, accountability, audit trails, business continuity plans and more. Besides that, it describes policy planning and different types of security policies like regulatory, advisory or informative policies. Important standards for information technology security are the international standard ISO 17799 and the family of standards ISO 24000, which is in the process of making. Audits are like a control mechanism and a tool for studying the security of information systems. The chapter is investigating different types of audits, execution of audits and sources of information needed to create audit reports. We describe the measurements which are implemented in company Cablex – m d.o.o. as a practical example of implementing security management. |
| Secondary keywords: | Information systems – they consist of information technology;processes and people. It is a whole of components which provides all data and information and links between these components in an organization or its environment. Information technology – are resources and the behavior of data processing;it is about collecting;storing;forwarding and transporting data and forming information. Computers;telecommunications;software;hardware and resources for office business are included there as well. Security management of information technology – it includes tasks of planning;directing and controlling;which are needed for implementing a well weighed process of information technology security and its continuous realization. Security policy – is a set of defined rules that are put in force by the management of an organization. Management sets forth the overall security information policy for employees and other members of the organization. It also defines the handling procedures for information an; |
| URN: | URN:SI:UM: |
| Type (COBISS): | Undergraduate thesis |
| Thesis comment: | Univ. v Mariboru, Ekonomsko-poslovna fak. |
| Pages: | 56 str. |
| Keywords (UDC): | applied sciences;medicine;technology;uporabne znanosti;medicina;tehnika;communication and transport industries;accountancy;business management;public relations;komunikacije in transport;knjigovodstvo;poslovni menedžment;stiki z javnostjo;publicity;information work;public relations;stiki z javnostjo;reklama;information work;advisory and consultancy services;informacije;informiranje;informacijski sistemi;science and knowledge;organization;computer science;information;documentation;librarianship;institutions;publications;znanost in znanje;organizacije;informacije;dokumentacija;bibliotekarstvo;institucije;publikacije;prolegomena;fundamentals of knowledge and culture;propaedeutics;prolegomena;splošne osnove znanosti in kulture;computer science and technology;computing;data processing;računalniška znanost in tehnologija;računalništvo;obdelava podatkov;data;podatki; |
| ID: | 985855 |
Recommended works:
Management varnosti informacijskih tehnologij
2009,
diplomsko delo
Management varnosti informacijskih sistemov v srednje veliki zavarovalnici
2010,
magistrsko delo
E-poslovanje s carino
2011,
diplomsko delo
Razlogi in motivi sodelovanja v internetnih panelih
2009,
diplomsko delo
Socialni inženiring na internetu
2009,
diplomsko delo