Return to search

Zhodnocení připravenosti podniku na zavedení ISO 27001 pomocí GAP analýzy / Evaluation of preparedness of a business for an implementation of ISO 27001 using Gap analysis

The aim of the thesis is to evaluate the preparedness of an information security management system (ISMS) in a logistic company JASA s.r.o. for a certification by standard ISO/IEC 27001:2013. This enterprise oscillates between small and medium enterprise. It has already implemented the certificate on quality management ISO 9001:2008. For this reason, in the thesis there are presented advantages for a company that already has implemented one of ISO standards and decides to implement another. First of all, the present state of information security management system in Jasa s.r.o was compared to other businesses functioning in the Czech and European market. Then the company control environment was evaluated accordingly to the requirements of standard ISO/IEC 27001:2013. Furthermore, a scheme was created in order to evaluate specific controls based on the impact risk that could arise in case of ignoring the suggested recommendations. In the last part, the controls were evaluated accordingly to difficulty, so that the company can find cheap and fast solutions with adequate impact. The main contribution of the thesis is the evaluation of the approach to solve information security in one of many enterprises that are afraid or are starting to notice the increasing amount of security threats. This approach may be chosen by other companies that decide to go the similar way.

Identiferoai:union.ndltd.org:nusl.cz/oai:invenio.nusl.cz:203907
Date January 2016
CreatorsZrcek, Tomáš
ContributorsČermák, Igor, Šašek, Jaroslav
PublisherVysoká škola ekonomická v Praze
Source SetsCzech ETDs
LanguageCzech
Detected LanguageEnglish
Typeinfo:eu-repo/semantics/masterThesis
Rightsinfo:eu-repo/semantics/restrictedAccess

Page generated in 0.0015 seconds