Course detail

Management of industry solutions

FP-ImorKAcad. year: 2020/2021

Management of industry solutions "ImorbPA" immediately follows "ImibePA".
The object is to students with the various aspects of security and data protection in branch solutions from the point of view of the implementation and operation of the ISMS.
Emphasis is placed on the individual and on their impact specific to information security.

Language of instruction

Czech

Number of ECTS credits

5

Mode of study

Not applicable.

Learning outcomes of the course unit

Demonstrate knowledge of the methodology to build secure information systems based on the norms of ČSN ISO / IEC 27000.

Prerequisites

Subject may register students who have successfully completed the Management information security.
Is it recommended to students who have excellent knowledge and results.

Co-requisites

Not applicable.

Planned learning activities and teaching methods

The course contains lectures that explain basic principles, problems and methodology of the discipline, and exercises that promote the practical knowledge of the subject presented in the lectures.

Assesment methods and criteria linked to learning outcomes

It will be specified by teacher.

Course curriculum

1. Cyber security.
2. Security awareness and education building.
3. The Information Security for managers.
4. GDPR issues.
5. The Information Security Management in government.
6. The Information Security Management in education.
7. The Information Security Management in health service.
8. The Information Security Management in energy industry.
9. The Information Security Management in ISP.
10. Converged network security.
11. WWW security management.
12. Mail security management.
13. Mobile device security management.

Work placements

Not applicable.

Aims

a) Grant students knowledge on specific problems and differences in branch solution of information security.
b) A understanding of case studies.
c) An overview of the different aspects of the branch of ISMS.

Specification of controlled education, way of implementation and compensation for absences

It will be specified by teacher.

Recommended optional programme components

Not applicable.

Prerequisites and corequisites

Not applicable.

Basic literature

JORDÁN, Vilém a Viktor ONDRÁK. Integrovaná podniková infrastruktura. Brno: CERM Akademické nakladatelství, 2016. ISBN 978-80-214-5241-1.
Kissel, R. Small Business Information Security: The Fundamentals. NST, 2009.
ONDRÁK, Viktor, Petr SEDLÁK a Vladimír MAZÁLEK. Problematika ISMS v manažerské informatice. Brno: Akademické nakladatelství CERM, 2013. ISBN 978-80-7204-872-4.

Recommended reading

ČSN EN ISO 27799 Zdravotnická informatika - Systémy řízení bezpečnosti informací ve zdravotnictví využívající ISO/IEC 27002. Praha: Úřad pro technickou normalizaci, metrologii a státní zkušebnictví (ÚNMZ), 2017.
ISO/IEC 27011 Code of practice for information security controls based on ISO/IEC 27002 for telecommunications organizations. International standard, 2016.
ISO/IEC 27019 Information security management guidelines based on ISO/IEC 27002 for process control systems specific to the energy utility industry. International standard, 2017.

Classification of course in study plans

  • Programme MGR-IM-KS Master's 1 year of study, summer semester, compulsory

Type of course unit

 

Guided consultation in combined form of studies

16 hod., optionally

Teacher / Lecturer

Syllabus

Poskytnout studentům znalosti a vědomosti o specifických problémech a odlišnostech při oborovém řešení informační bezpečnosti formou přednášek a případových studií z různých oborů.
Prohloubit manažerské bezpečnostní dovednosti ve specifických oborech v závislosti na oborových rozdílnostech a odlišnostech ISMS.

1. Bezpečnost v kyberprostoru.
2. Budování bezpečnostního povědomí - SAE.
3. Manažerská informační bezpečnost.
4. Problematika GDPR.
5. ISMS v ISVS.
6. ISMS v univerzitním prostředí.
7. ISMS ve zdravotnictví.
8. ISMS v energetice.
9. ISMS poskytovatelů konektivity (ISP).
10. Bezpečnost konvergovaných sítí.
11. Řízení bezpečnost www aplikací.
12. Řízení bezpečnost mailových aplikací.
13. Řízení mobilní bezpečnosti.