Course detail

Management Information Security

FP-MIBEAcad. year: 2020/2021

Information Security Management is focused on the security aspects of information systems and to explore the basic elements of creating security policies of the organization. It is to introduce students to the main areas and directions of the implementation of security measures and to acquaint them with their policies.

Language of instruction

Czech

Number of ECTS credits

7

Mode of study

Not applicable.

Guarantor

Ing. Viktor Ondrák, Ph.D.

Department

Institute of Informatics (ÚI)

Learning outcomes of the course unit

Emphasis is also placed on acquiring management knowledge of current methodologies of information security management in ERP systems.

Prerequisites

Knowledge of information systems, computer networks, operating systems and basic programming.

Co-requisites

Not applicable.

Planned learning activities and teaching methods

The course contains lectures that explain basic principles, problems and methodology of the discipline, and exercises that promote the practical knowledge of the subject presented in the lectures.

Assesment methods and criteria linked to learning outcomes

It will be specified by teacher.

Course curriculum

- Digital literacy.
- Basic terminology of ISMS.
- Definition of ISMS.
- Implementation methodology of ISMS.
- Risk analysis.
- Security controls.
- Security standards and norms.
- Data security management.
- Personaly security issues.
- Cyber security management.

Work placements

Not applicable.

Aims

The course aims to introduce students to the main areas and directions of the implementation of security measures and to acquaint them with their policies.

Specification of controlled education, way of implementation and compensation for absences

It will be specified by teacher.

Recommended optional programme components

Not applicable.

Prerequisites and corequisites

Not applicable.

Basic literature

Ondrák, Viktor. Petr Sedlák a Vladimír Mazálek. Problematika ISMS v manažerské informatice. Brno: Akademické nakladatelství CERM, 2013. ISBN 978-80-7204-872-4.
ČSN ISO/IEC 27001 Informační technologie – Bezpečnostní techniky – Systémy řízení bezpečnostní informací – Požadavky. Praha: Úřad pro technickou normalizaci, metrologii a státní zkušebnictví (ÚNMZ), 2014.
ČSN ISO/IEC 27002 Informační technologie - Bezpečnostní techniky - Soubor postupů pro opatření bezpečnosti informací. Praha: Úřad pro technickou normalizaci, metrologii a státní zkušebnictví (ÚNMZ), 2014.
DOUCEK, Petr. Řízení bezpečnosti informací: 2. rozšířené vydání o BCM. 2., přeprac. vyd. Praha: Professional Publishing, 2011. ISBN 978-807-4310-508.
Peikari Cyrus a Anton Chuvakin. Security Warrior. Sebastopol : O’Reilly Media, 2004. ISBN 978-0-596-00545-0.

Recommended reading

Doseděl, T.: Počítačová bezpečnost a ochrana dat. Brno : Computer Press 2004.
Northcutt, S. Bezpečnost počítačových sítí. Brno : Computer Press, 2005.
Hardware Threat Landscape and Good Practice Guide, ENISA: 2017.

Classification of course in study plans

  • Programme MBA-IM Master of business administration, 1. year of study, winter semester, compulsory

Type of course unit

 

Guided consultation in combined form of studies

40 hours, optionally

Teacher / Lecturer

Ing. Viktor Ondrák, Ph.D.