| | SLO | ENG | Cookies and privacy

Bigger font | Smaller font

Show document

Title:MANAGEMENT VARNOSTI INFORMACIJSKIH TEHNOLOGIJ
Authors:Zorman, Peter (Author)
Bobek, Samo (Mentor) More about this mentor... New window
Files:.pdf UNI_Zorman_Peter_2009.pdf (778,53 KB)
 
Language:Slovenian
Work type:Undergraduate thesis (m5)
Organization:EPF - Faculty of Business and Economics
Abstract:Diplomsko dela obsega področje managementa varnosti informacijskih tehnologij, politiko varnosti, pomembnejše standarde na področju varnosti informacijskih tehnologij, presoje ali audite informacijskih sistemov in tehnologije ter praktični primer uvedbe varnosti informacijske tehnologije v podjetju Cablex – M d.o.o. Management varnosti informacijskih tehnologij proučuje slabosti in nevarnosti sistemov informacijske tehnologije, predvsem z ugotavljanjem groženj, rizikov in možnih protiukrepov. Obsega management varnosti, ki poda možne pristope k proučevanju problematike varnosti informacijskih tehnologij in ustrezne ukrepe, in management katastrof, ki opredeljuje pristop organizacije do morebitnih nepredvidljivih naravnih katastrof in terorističnih napadov. Pomeni načrtovanje ponovnega zagona poslovanja, ponovne nabave izgubljene opreme in krizno organizacijo. Politika varnosti obsega predvsem vsebino, ki jo politika proučuje, to so na primer standardi nadzora dostopov, odgovornosti, nadzor in sledenje, načrt bodočega poslovanja in drugo. Poleg tega nadrobneje opisujemo proces načrtovanja za politiko in različne pristope k politiki kot klasifikacijo politik na regulativne, svetovalne in informativne. Kot pomembnejši standard na področju varnosti informacijske tehnologije je izpostavljen in opisan mednarodni standard ISO 17799 in družina mednarodnih standardov ISO 24000, ki pa so še vedno v procesu nastajanja. Kot kontrolni mehanizem in predvsem pri začetnem analiziranju organizacije ob uvajanju managementa varnosti informacijskih tehnologij opisujemo audite ali presoje informacijskih sistemov in tehnologij. Poglavje obsega vrste auditov in auditorjev, sam proces izvajanja in vire informacij za izdelavo končnih poročil. Kot praktični primer navajamo ukrepe, ki jih je sprejelo podjetje Cablex – M d.o.o. s proučevanjem njihove varnosti informacijske tehnologije, dokumentirane s predpisi in pravilniki.
Keywords:Informacijski sistemi – so sestavljeni iz informacijske tehnologije, procesov in ljudi. So celota sestavin, ki zagotavljajo vse podatke, informacije in povezave med temi sestavinami v organizaciji in njenem okolju. Informacijska tehnologija - so sredstva in vedenje o obravnavanju podatkov: o zbiranju, obdelovanju, hranjenju, posredovanju ter prenašanju podatkov in o oblikovanju informacij. Vključuje računalnike, telekomunikacije, software, hardware, … Management varnosti informacijskih tehnologij
Year of publishing:2009
Source:Maribor
COBISS_ID:9904924 Link is opened in a new window
NUK URN:URN:SI:UM:DK:QZ4GR1MG
Views:2690
Downloads:153
Metadata:XML RDF-CHPDL DC-XML DC-RDF
Categories:EPF
:
  
Average score:(0 votes)
Your score:Voting is allowed only for logged in users.
Share:AddThis
AddThis uses cookies that require your consent. Edit consent...

Hover the mouse pointer over a document title to show the abstract or click on the title to get all document metadata.

Secondary language

Language:English
Title:SECURITY MANAGEMENT OF INFORMATION TECHNOLOGY
Abstract:The diploma thesis includes security management of information technology, security policy, important standards at the field of information technology, audits of information systems and technology and a practical case of implementing security of information technology in the company Cablex – M d.o.o. Security management of information technology studies the weaknesses and dangers of information technology systems, above all by researching threats, risks and possible countermeasurments. It includes security management that supplies us with possible solutions of encountering security problems of information technology and gives us possible suitable measures, and catastrophe management that defines how an organization should act in the case of an unpredictable natural catastrophe or terror attack. It means planning a reboot of production, repurchasing of lost equipment and a crisis organization. Security policy includes above all the content that the security policy investigates; these are for example access control standards, accountability, audit trails, business continuity plans and more. Besides that, it describes policy planning and different types of security policies like regulatory, advisory or informative policies. Important standards for information technology security are the international standard ISO 17799 and the family of standards ISO 24000, which is in the process of making. Audits are like a control mechanism and a tool for studying the security of information systems. The chapter is investigating different types of audits, execution of audits and sources of information needed to create audit reports. We describe the measurements which are implemented in company Cablex – m d.o.o. as a practical example of implementing security management.
Keywords:Information systems – they consist of information technology, processes and people. It is a whole of components which provides all data and information and links between these components in an organization or its environment. Information technology – are resources and the behavior of data processing; it is about collecting, storing, forwarding and transporting data and forming information. Computers, telecommunications, software, hardware and resources for office business are included there as well. Security management of information technology – it includes tasks of planning, directing and controlling, which are needed for implementing a well weighed process of information technology security and its continuous realization. Security policy – is a set of defined rules that are put in force by the management of an organization. Management sets forth the overall security information policy for employees and other members of the organization. It also defines the handling procedures for information an


Comments

Leave comment

You have to log in to leave a comment.

Comments (0)
0 - 0 / 0
 
There are no comments!

Back
Logos of partners University of Maribor University of Ljubljana University of Primorska University of Nova Gorica