A Policy Gap Analysis of Convention on International Trade in Endangered Species of Wild Fauna and Flora (CITES) Implementation in Nepal

Dongol, Yogesh

31 March 2011

This study attempts to understand how domestic CITES policies are translated into action and what effect actions and processes have on compliance. In doing so, this study provides insight into the implementation and enforcement pitfalls of national legislation that explain CITES violations in Nepal. Primarily, I used key informants interviews to learn opinions of experts, and the grounded theory approach for further qualitative data analysis. In addition, I used Najman’s (1995) policy implementation analysis framework to explain gaps. Many interrelated variables in the content of the policy, commitment and capacity of the agencies, the roles of clients and coalitions and contextual issues were observed. Variables that emerged suggest pitfalls in the regulatory policy represented by low probability of detection, arrest and punishment. Moreover, redistributive policies in buffer zones of protected areas are needed into perpetuity to benefit locals. Also, conservation organizations’ support for building public and political salience is imperative.

CITES

Policy Gap Analysis

Policy Implementation

Enforcement of Wildlife policy

Illegal Wildlife Trade in Nepal

Legal Wildlife Trade in Nepal

Zhodnocení připravenosti podniku na zavedení ISO 27001 pomocí GAP analýzy / Evaluation of preparedness of a business for an implementation of ISO 27001 using Gap analysis

Zrcek, Tomáš

January 2016

The aim of the thesis is to evaluate the preparedness of an information security management system (ISMS) in a logistic company JASA s.r.o. for a certification by standard ISO/IEC 27001:2013. This enterprise oscillates between small and medium enterprise. It has already implemented the certificate on quality management ISO 9001:2008. For this reason, in the thesis there are presented advantages for a company that already has implemented one of ISO standards and decides to implement another. First of all, the present state of information security management system in Jasa s.r.o was compared to other businesses functioning in the Czech and European market. Then the company control environment was evaluated accordingly to the requirements of standard ISO/IEC 27001:2013. Furthermore, a scheme was created in order to evaluate specific controls based on the impact risk that could arise in case of ignoring the suggested recommendations. In the last part, the controls were evaluated accordingly to difficulty, so that the company can find cheap and fast solutions with adequate impact. The main contribution of the thesis is the evaluation of the approach to solve information security in one of many enterprises that are afraid or are starting to notice the increasing amount of security threats. This approach may be chosen by other companies that decide to go the similar way.

Přechod od Programu prevence nehod a bezpečnosti letů k Systému řízení bezpečnosti u malého leteckého dopravce / Transition from Accident Prevention and Flight Safety Programme to Safety Management System in a small air operator

Hloucal, Aleš

January 2010

The aim of the Master´s thesis is the design process of transition to a fully integrated safety management system, taking into consideration the unique characteristics of small air operators. It means describing the initial situation, studying the requirements and recommendations of ICAO Doc.9859 a proposal for the transition to fully integrated security management system, taking into account the specifics of a small air operators. Work also includes a description of the "target state", all inputs, outputs and main functions, integration into the quality system and the organization of society as a whole.

GAP analýza systému řízení bezpečnosti informací / GAP analysis of information security management system

Konečný, Martin

January 2019

The master’s thesis focuses on GAP analysis of information security management system. The thesis consists of theoretical, analytical and practical part. The first part discusses the theoretical background of the issue of information and cyber security. The analytical part describes the current condition of the researched company. The thesis’s output is the draft of risk register and draft of security countermeasures implementation. The draft targets on countermeasures leading to increase information security in company.