Analýza informačního systému ISAD a návrh jeho změn / The Analysis of the ISAD Information System and Change Proposal

Schoffer, Pavel

January 2016

This diploma thesis focuses on the information system ISAD owned by ISIT a.c. Primary part of the project is composed of analysis of the system and used technologies. Another part is concentrated on integration of the system for given customer and possibilities of enhancement. Project also contains proposals of new and enhancements of current functionality of the system.

Posouzení informačního systému firmy a návrh změn / Information System Assessment and Proposal of ICT Modification

Patáčik, Andrej

January 2020

In this master’s thesis I focused on assessment of the information system Metrik for Continental Matador Rubber, s.r.o., specifically for the department of Global Evaluation Púchov in Slovakia. The solutions design is based on results of system and company analysis. Output of this thesis is a design of measures and changes aimed on improving efficiency of the analyzed system, improving information and cyber security and increasing overall satisfaction of employees.

Integrace ERP systému Helios Easy a řešení pro elektronický obchod / The Integration of the ERP System Helios Easy and E-commerce Solution

Konečný, Martin

January 2014

This diploma thesis focuses on the issue of implementation of ERP system for small company, and proposes a solution to create a custom enterprise system for e-commerce, which is integrated with the ERP system. Author´s proposals are conceived in the form of a project, including definition of goals, definition of the logical framework, time analysis, risk analysis and economic evaluation.

Strategie pro rozvoj vzdělávání v oblasti bezpečnosti ICT na vysokých školách / Strategy for the development of education in the field of ICT security at universities

Sulanová, Monika

January 2017

The thesis deals with the problems of education in ICT security experts at universities in order to design a strategy for the development of education in present degree courses that dealing with this issue. The theoretical part focuses on the definition of ICT security and to familiarize the reader with the basic concepts of information security management and management of cyber security and gives an overview of the overall development of ICT security and the current trends in this area. It also describes the current situation on the labor market in relation to ICT security and the education of professionals in this field and characterizes the existing recommendations for education in ICT security. Practical part focuses on analyzing the current education ic ICT security and on analyzing the knowledge and skills requirements of the labor market to professionals in this area. Defines the basic professional role and knowledge domains that should be covered by this role. In the analytical part they are evaluated current profiles of graduates Master's degree programs focused on this area in order to find gaps in the knowledge base of graduates based on the requirements of the labor market and the existing recommendations. The results of the analysis are input to define a strategy on education in ICT security, which gives basic recommendations on how to eliminate the shortcomings.

Nasazení kontextového DLP systému v rámci zavádění ISMS / Deployment of the Context DLP System within ISMS Implementation

Imrich, Martin

January 2015

This diploma thesis focuses on a DLP implementation within a specific organization. The thesis contains current situation analysis and provides decision for choice of the most suitable DLP based on the analysis findings. Eventually describes a real implementation of the chosen DLP system within the organization.

Posouzení informačního systému firmy a návrh změn / Information System Assessment and Proposal for ICT Modification

Marek, Jaroslav

January 2015

This diploma thesis is focused on evaluation of the Allrisk, ltd. information system and on the changes proposal. The theoretical part of the work describes an essential background and an explanation of individual methods used for analysis of information systems. Shortcomings revealed by the analysis are worked up and measures are taken to improve the current state.

Towards a framework to ensure alignment among information security professionals, ICT security auditors and regulatory officials in implementing information security in South Africa

Basani, Mandla

02 1900

Information security in the form of IT governance is part of corporate governance. Corporate governance requires that structures and processes are in place with appropriate checks and balances to enable directors to discharge their responsibilities. Accordingly, information security must be treated in the same way as all the other components of corporate governance. This includes making information security a core part of executive and board responsibilities. Critically, corporate governance requires proper checks and balances to be established in an organisation; consequently, these must be in place for all information security implementations. In order to achieve this, it is important to have the involvement of three key role players, namely information security professionals, ICT security auditors and regulatory officials (from now on these will be referred to collectively as the ‘role players’). These three role players must ensure that any information security controls implemented are properly checked and evaluated against the organisation’s strategic objectives and regulatory requirements. While maintaining their individual independence, the three role players must work together to achieve their individual goals with a view to, as a collective, contributing positively to the overall information security of an organisation. Working together requires that each role player must clearly understand its individual role, as well the role of the other players at different points in an information security programme. In a nutshell, the role players must be aligned such that their involvement will deliver maximum value to the organisation. This alignment must be based on a common framework which is understood and accepted by all three role players. This study proposes a South African Information Security Alignment (SAISA) framework to ensure the alignment of the role players in the implementation and evaluation of information security controls. The structure of the SAISA framework is based on that of the COBIT 4.1 (Control Objectives for Information and Related Technology). Hence, the SAISA framework comprises four domains, namely, Plan and Organise Information Security (PO-IS), Acquire and Implement Information Security (AI-IS), Deliver and Support Information Security (DS-IS) and Monitor and Evaluate Information Security (ME-IS). The SAISA framework brings together the three role players with a view to assisting them to understand their respective roles, as well as those of the other role players, as they implement and evaluate information security controls. The framework is intended to improve cooperation among the role players by ensuring that they view each other as partners in this process. Through the life cycle structure it adopts, the SAISA framework provides an effective and efficient tool for rolling out an information security programme in an organisation / Computer Science / M. Sc. (Computer Science)

Information security professionals,

ICT security auditors,

Regulatory officials

Framework

Role players

Information security programme

Corporate governance

IT governance

COBIT

005.80968

A framework to integrate information and communication technology security awareness into the South African education system

Walaza, Mvelo

January 2017

Text in English / There is general consensus about the importance of Information and Communication Technology (ICT) security in South Africa. This consensus is evident from initiatives related to the formulation of legislation and policies like the Electronic Communications and Transactions (ECT) Act and the National Cyber Security Policy. A number of South African academic institutions have also come on board with initiatives aimed at enhancing ICT security awareness all over the country. In fact, ICT security awareness has been classified as an important component of South Africa’s national security. Many countries use ICT to improve and enhance the standard of their education systems. A number of scholars in South Africa have conducted studies with the aim of proving that ICT can play a major role in improving the quality of education in the country. The research in hand investigates the lack of integration of ICT security awareness into the South African education system. The literature review that was conducted reveals that there is a huge problem especially when it comes to the integration of ICT security awareness into the South African schooling system. The advancement of technology has come with a number of advantages and disadvantages. The easy access to information via the internet, coupled by unsupervised access to instant messaging applications (Skype, MXiT) and social media platforms (Facebook, Twitter and many more), hugely increases the vulnerability of school learners to ICT security attacks and ICT-related crime. The current research therefore investigates the vulnerability caused by the lack of ICT security awareness among school learners as one of the main disadvantages of the advancement of information technology. An analysis of existing models and frameworks in the two spheres of ICT, namely education and ICT security was conducted. The aim was to determine any similarities or overlap between these spheres and to determine whether the existing ICT models and frameworks are relevant to South Africa. The analysis showed a significant disparity and inconsistency between the two spheres and proved that there is a definite need for a framework (relevant to South Africa) that can be used for the integration of ICT security awareness into South African education. Hence, the researcher proposed a more integrated approach in the form of a framework that is directed at South African school learners, based on an in-depth literature review of past scholarly work, models and frameworks. Having reviewed a number of existing models and frameworks, and identifying the potential gaps, the researcher proposed a framework to address the lack of integration of ICT security awareness into the South African education system. The proposed framework, called the South African ICT Security Awareness Framework for Education (SAISAFE), was reviewed for its potential applicability in the South African context, and the results of the literature review analysis are reported to support the analysis of models and frameworks. / School of Computing / M. A. (Computing)

ICT

ICT Security

Education

Models

Frameworks

Security

Awareness

School learners

005.80968

Computer security -- South Africa

Information technology -- South Africa

Education -- South Africa

Information, communication and technological competencies in a digital working environment : a case study in the Netherlands Defence Organization

Broos, Elizabeth

18 June 2008

This research is an attempt to obtain insight in the influence of ICT and the information society on the labour environment of the officers of the Netherlands Defence Organization and to determine the competence of those officers in a number of information, communication and technological areas associated with the changed ways of working in the information society as they are discussed in the literature. What was found is that a substantial number of officers are not fully prepared to participate in the new ways of working required in the information society. The implications of those findings for a digital learning environment for the Netherlands Defence Academy are discussed and a general model for information, communication and technological competencies for managers in the information society is proposed based on the results of the case study. / Thesis (PhD (Computer-Integrated Education))--University of Pretoria, 2008. / Curriculum Studies / unrestricted

Innovation management

E-leader

Change management

Ict-security awareness

Competency management

Knowledge management

Learning organization

Digital learning environment

Information society

Ict-competencies

UCTD

Výzvy pro CIO / Challenges for CIO

Kouřimský, Vlastimil

January 2011

The diploma thesis deals with the issue of the chosen current trends of ICT. The CIO represents the crucial person of the whole thesis. The aim of the thesis is to describe and comment on the connection of the role of the CIO with trends and challenges he/she has to face in recent times. To fulfill this aim it is necessary to realize the current trends through the integration of surveys of the renowned companies dealing with the ICT market. The field overhang of these studies dedicated to technologies is essential. The benefit of the thesis consists of the connection of the business and ICT at the CIO level. The abstraction from technical specifications of the particular trend as well as from the managerial point of view creates an image of the challenges for the CIO in the company context. The introductory part of the thesis reflects the position of ICT in companies and creates an image of the internal connection of the company as a whole. The core of the main part of the thesis contains chapters dedicated to the trends in particular: data analysis, content analysis, social business, big data, ICT security and education. Each of these main chapters describes the current state of the ICT field and its role in the company context. The last part of each main chapter deals with the benefit and the role of the CIO for the mentioned field. CIO's influence on the challenge, allies and possible risks of the trend are mentioned. At the end of the thesis the benefit of the CIO for the company and his/her role of facing challenges which come from the ICT field are evaluated. CIO plays an important role as a responsible person for particular challenges. Nevertheless, as it is apparent from the thesis, the CIO is not the only important part of the system that is necessary to create the maximum from each challenge.