|
Lecturer(s)
|
-
Mlýnek Jaroslav, doc. RNDr. CSc.
|
|
Course content
|
1. Information significance for business company a. electronic information - the component of the most important assets of company b. dependence of company activities on electrical information processing c. necessity of ensuring of information availability inside company and for communication with external subjects 2. Reasons of availability information ensuring a. observance of responsibilities implied from legislation b. contracting obligations with other subjects c. business interests of company 3. Definition of basic terms of business continuity management and crisis management area disaster plan, recovery plan, information system and its components, possible reasons of information system accident etc. 4. Procedure of business continuity ensuring a. approval of internal policy of business continuity by top management of company b. identification of company processes c. determination of critical (the most important) activities for company; evaluation of information used by critical processes by means of business impact analysis d. processing of necessary emergency plans, testing and updating of this plans 5. Policy of business continuity ensuring a. internal document of company, obligatory for employees and external users of company information system b. definition of way of solving of information availability, definition of competences and responsibilities in company in conditions of emergency of information system c. practical example of business continuity policy 6. Definition of critical processes and activities, realisation of impact analysis a. identification of processes and activities of company b. performance of business impact analysis - determination critical processes and activities c. methods to performance of business impact analysis and evaluation of relevant electronic information 7. Practical example of methodology and SW tool Strohl use use of methodology and SW tool of Strohl company (USA) for realisation business impact analysis - use of BIA (Business Impact Analysis) module, example of negative business impact in conditions of unavailability of "company internet business" and "call centre service" 8. Processing of disaster plans a. definition of processes and services to processing of disaster plans b. process of disaster plan realisation c. components of disaster plan (responsibilities, work teams, work team activities sequence, material, documents) 9. - 10. Practical examples of emergency plans processing practical examples of emergency plans processing for "company internet business" and "call centre service" by use of methodology and SW tool of Strohl company - module LDPRS (Living Disaster Recovery Planning System) 11. Process of emergency plans testing a. structured walk-through test b. checklist test c. simulation test d. parallel test e. full interrupt test 12. Examples of disaster emergency plans testing examples of emergency plans testing for "company internet business" and "call centre service" 13. Use of emergency plans use of emergency plans for crisis management and recovery of business service in consequence of emergency 14. Update of emergency plans update of emergency plans, the most frequent lacks during of processing, testing and use of emergency plans
|
|
Learning activities and teaching methods
|
Monological explanation (lecture, presentation,briefing)
- Home preparation for classes
- 28 hours per semester
- Preparation for exam
- 40 hours per semester
- Semestral paper
- 24 hours per semester
- Class attendance
- 28 hours per semester
|
|
Learning outcomes
|
The subject follows with its content the subject "Security of Business Information" (ZOI). A priority of every successful business company is to ensure its important business activities. Practically, all important activities of company are dependent on functionality of company information system. Content of the subject focuses on questions of business continuity management in cases of information system (or its part) crash and consequent electronic information unavailability. Determination of negative business impacts for company (business impact analysis) and critical processes in company is basic initial step of ensuring of business continuity management. Students get acquainted with basic methods of information evaluation and definition of negative impacts for company. The attention is dedicated to problems of business continuity management plans, disaster recovery plans and crisis management. A component of every plan is definition of liabilities for its realisation, definition of work teams cooperating on plan realisation, personnel composition of teams, definition of sequence of activities of individual work teams. The procedures of testing of different level plans and use of plans in cases of crash are presented. Procedures in question are illustrated on practical examples.
A student gains knowledge in management of business continuity of a company in cases of electrical information unavailability as a consequence of information system (or its part) crash.
|
|
Prerequisites
|
Basic course of mathematics
|
|
Assessment methods and criteria
|
Combined examination
Exam from mathematics Exam: written + oral part
|
|
Recommended literature
|
-
Norma PAS 56: Guide to Business Continuity Management.
-
Antušák, E., Kopecký, Z. Krizový management - krizová komunikace. VŠE v Praze, 2006. ISBN 80-245-0951-2.
-
Mlýnek, J. Zabezpečení obchodních informací.. Computer Press, Brno, 2007. ISBN 978-80-251-1511-4.
-
Peltier, T., R. Information Security Risk Analysis. Taylor & Francis Group, Boca Raton, USA, 2005.
-
Rektořík, J. Krizový management ve veřejné správě - teorie a praxe. Ekopress, Praha, 2004.
-
Sloupenský, V., Žehra, F. Bankovní bezpečnost. Bankovní institut, Praha, 1997.
-
Smejkal, V., Rais, K. Řízení rizik. Grada, Praha, 2003. ISBN 80-247-0198-7.
|