This master thesis deals with the topics Information Security Management by the group of ISO/IEC 27000 norms and implementation of the Information Security Management System (ISMS) in one particular company. The theoretical part describes the group of norms ISO/IEC 27000 and the legislation and institutions related to these norms. Then the theoretical framework of a risk analysis is introduced. The benefits and possible obstacles when implementing the ISMS in an organization with emphasis on small businesses is described at the end of the theoretical part. The practical part includes a complex risk analysis and measures to be taken for the revealed risks. Furthermore, it involves the settings of the information security internal rules in the company Bluepool s.r.o. with regard to the risk management and information security policy. The conclusion of this part puts forward a proposal of the process and examples of implementation, time schedule and budget for implementation of adopted measures.
Identifer | oai:union.ndltd.org:nusl.cz/oai:invenio.nusl.cz:359161 |
Date | January 2017 |
Creators | Menčík, Jan |
Contributors | Veber, Jaromír, Světlík, Marián |
Publisher | Vysoká škola ekonomická v Praze |
Source Sets | Czech ETDs |
Language | Czech |
Detected Language | English |
Type | info:eu-repo/semantics/masterThesis |
Rights | info:eu-repo/semantics/restrictedAccess |
Page generated in 0.0015 seconds