Přístupnostní navigace
E-application
Search Search Close
Course detail
FP-MICTAcad. year: 2024/2025
The course focuses on the following topics: information security and availability in IS, communication security, security strategy and security management.
Language of instruction
Number of ECTS credits
Mode of study
Guarantor
Department
Entry knowledge
They are not required
Rules for evaluation and completion of the course
The course is not concluded by a course-unit credit:Conditions for passing an exam: Knowledge of taught topics and its practical application.Form of examination is combined:- a written test of 50 questions, must correctly answer at least 25 questions, according to ECTS classification,- an oral examination.Resulting from simple arithmetic average of the two parts.Attendance at lessons is not checked. The course consists of lectures only, and the attendance at them is not compulsory
Aims
Study aids
The Information Security Management scripts are available in electronic form in the course literature
Standards of the 27000 series available electronically from the BUT library
Prerequisites and corequisites
Basic literature
Recommended reading
Elearning
Classification of course in study plans
Lecture
Teacher / Lecturer
Syllabus
1. Information system from the point of view of information security - decomposition, analysis of information services and users
2. Information security - basic terms, attributes, mechanisms
3. Information assets - analysis, classification, evaluation, ownership, vulnerability analysis
4. Security event - detection, evaluation
5. Security incident - management cycle, ISIRT, impact assessment, incident resolution
6. Security threats - analysis, assessment, synthesis of influence
7. Security risks - risk identification, risk analysis methods, assessment of consequences, risk level
8. Treatment of risks - modification, acceptance, avoidance, sharing of risks, residual risks
9. Risk management system - determination of context, structure, risk acceptance, communication, monitoring and review
10. Safety measures - proposals, management, life cycle, efficiency
11. Information security management systems - ITIL, COBIT, CRAMM, CC, ISO/IEC 27000
12. Implementation of ISMS - analysis of requirements, determination of boundaries, organization design, ISMS policy, documentation
13. ISMS operation - monitoring, measurement, audit, certification
E-learning texts