Course detail

IS/IT Security

FP-BbezPAcad. year: 2021/2022

The course focuses on the following topics: information security and availability in IS, communication security, security strategy and security management.

Language of instruction

Czech

Number of ECTS credits

Mode of study

Not applicable.

Guarantor

Ing. Viktor Ondrák, Ph.D.

Department

Institute of Informatics (ÚI)

Learning outcomes of the course unit

Students will gain a basic knowledge of information security - possible security threats, security measures.
After completing the course students will be able to classify assets, analyse security risks in IS / IT and propose comprehensive solutions for their prevention, so as to create security company strategy and proposed safety management system of firm.

Prerequisites

Computer literacy, knowledge of operating systems, computer networks, cryptography.

Co-requisites

Not applicable.

Planned learning activities and teaching methods

The course contains lectures that explain basic principles, problems and methodology of the discipline.

Assesment methods and criteria linked to learning outcomes

The course is concluded by a course-unit credit:
Conditions for passing a course-unit credit: Knowledge of taught topics and its practical application.
Students must pass a written test of 40 questions, must correctly answer at least 20 questions, according to ECTS classification.

Course curriculum

1. Introduction to IS / ICT security, basic concepts
2. Information assets
3. Security events, security incidents
4. Security threats
5. Security risk management
6. Safety precautions
7. Information security management systems
8. Standards of the ISO / IEC 27000 series
9. Implementation of ISMS
10. Operation of ISMS
11. Review, audit, ISMS certification
12. The Cyber Security Act
13. EU-NIS Directive, GDPR

Work placements

Not applicable.

Aims

The main objective of the course is to provide students with the necessary knowledge with respect to IS/IT security, to teach them how to apply the risk analysis as well as to design corporate safety strategy of firm.

Specification of controlled education, way of implementation and compensation for absences

Attendance at lessons is not checked.

Recommended optional programme components

Not applicable.

Prerequisites and corequisites

Not applicable.

Basic literature

DOUCEK, P., L. NOVÁK, L. NEDOMOVÁ a V. SVATÁ. Řízení bezpečnosti informací. 2.vyd. Praha: Professional Publishing, 2011. 240 s. ISBN 978-80-7431-050-8
ONDRÁK, V: Management informační bezpečnosti. Brno, 2015, Skriptum FP VUT – dostupné v elektronické podobě.
ONDRÁK, V., P. SEDLÁK, V. MAZÁLEK. Problematika ISMS v manažerské informatice. Brno: CERM. 2013, 378 s. ISBN 978-80-7204-872-4.