{"id":239,"date":"2020-02-21T18:18:33","date_gmt":"2020-02-21T17:18:33","guid":{"rendered":"http:\/\/www.forensee.cz\/?page_id=239"},"modified":"2021-03-30T12:32:18","modified_gmt":"2021-03-30T10:32:18","slug":"rizeni-informacni-bezpecnosti","status":"publish","type":"page","link":"https:\/\/www.forensee.cz\/en\/rizeni-informacni-bezpecnosti\/","title":{"rendered":"Security of Information Management"},"content":{"rendered":"

[et_pb_section fb_built=“1″ _builder_version=“4.0.4″ background_image=“http:\/\/www.forensee.cz\/wp-content\/uploads\/2020\/03\/dreamstime_xxl_154771088-2-Cropped.jpg“ height=“500px“ animation_style=“fade“][et_pb_row _builder_version=“4.0.4″ custom_margin=“32px||||false|false“][et_pb_column type=“4_4″ _builder_version=“4.0.4″][et_pb_text _builder_version=“4.0.4″ text_text_color=“#ffffff“ header_text_color=“#ffffff“ header_font_size=“50px“ header_2_text_color=“#ffffff“ text_orientation=“center“ header_font_tablet=““ header_font_phone=““ header_font_last_edited=“on|desktop“ header_font_size_tablet=“45px“ header_font_size_phone=“40px“ header_font_size_last_edited=“on|phone“ header_line_height_tablet=“1.3em“ header_line_height_phone=“1.3em“ header_line_height_last_edited=“on|tablet“ header_2_font_tablet=““ header_2_font_phone=““ header_2_font_last_edited=“on|phone“ header_2_font_size_tablet=“22px“ header_2_font_size_phone=“20px“ header_2_font_size_last_edited=“on|phone“ header_2_line_height_tablet=“1.3em“ header_2_line_height_phone=“1.3em“ header_2_line_height_last_edited=“on|tablet“ header_text_shadow_style=“preset5″ header_text_shadow_horizontal_length=“0.04em“ header_text_shadow_vertical_length=“0.06em“ header_2_text_shadow_style=“preset5″]<\/p>\n

\u0158\u00edzen\u00ed informa\u010dn\u00ed bezpe\u010dnosti<\/b><\/h1>\n

 <\/p>\n

 <\/p>\n

Informa\u010dn\u00ed bezpe\u010dnost nejen dle ISO\/IEC 27 001<\/h2>\n

[\/et_pb_text][\/et_pb_column][\/et_pb_row][\/et_pb_section][et_pb_section fb_built=“1″ _builder_version=“4.0.4″ custom_margin=“||-25px||false|false“][et_pb_row column_structure=“1_3,1_3,1_3″ _builder_version=“4.0.4″ animation_style=“fade“][et_pb_column type=“1_3″ _builder_version=“4.0.4″ custom_padding=“0px||||false|false“][et_pb_testimonial quote_icon_color=“#ff9500″ _builder_version=“4.0.4″ body_font=“|600|||||||“ body_text_color=“#000000″ body_font_size=“18px“ background_color=“rgba(0,0,0,0.04)“ box_shadow_style=“preset1″]Jsme si v\u011bdomi hodnoty informac\u00ed a chceme pomoci s \u00fa\u010dinn\u00fdm \u0159\u00edzen\u00edm jejich bezpe\u010dnosti.[\/et_pb_testimonial][\/et_pb_column][et_pb_column type=“1_3″ _builder_version=“4.0.4″][et_pb_testimonial quote_icon_color=“#ff9500″ _builder_version=“4.0.4″ body_font=“|600|||||||“ body_text_color=“#000000″ body_font_size=“18px“ background_color=“rgba(0,0,0,0.04)“ box_shadow_style=“preset1″]Pot\u0159ebujeme pomoct s implementac\u00ed syst\u00e9mu \u0159\u00edzen\u00ed bezpe\u010dnosti informac\u00ed dle ISO\/IEC 27 001 a s p\u0159\u00edpravou na certifikaci dle t\u00e9to normy.[\/et_pb_testimonial][\/et_pb_column][et_pb_column type=“1_3″ _builder_version=“4.0.4″][et_pb_testimonial quote_icon_color=“#ff9500″ _builder_version=“4.0.4″ body_font=“|600|||||||“ body_text_color=“#000000″ body_font_size=“18px“ background_color=“rgba(0,0,0,0.04)“ box_shadow_style=“preset1″]Nem\u00e1me vhodn\u00e9ho pracovn\u00edka pro roli intern\u00edho auditora dle ISO\/IEC 27 001 nebo se n\u00e1m nevyplat\u00ed na tuto \u010dinnost n\u011bkoho zam\u011bstnat.[\/et_pb_testimonial][\/et_pb_column][\/et_pb_row][\/et_pb_section][et_pb_section fb_built=“1″ _builder_version=“4.9.2″ background_color=“rgba(0,0,0,0.07)“ custom_margin=“0px||||false|false“ custom_padding=“0px||0px||false|false“ hover_enabled=“0″ border_color_top=“#ff9500″ border_color_bottom=“#ff9500″ sticky_enabled=“0″][et_pb_row _builder_version=“4.9.2″ custom_padding=“||24px|||“ hover_enabled=“0″ sticky_enabled=“0″][et_pb_column type=“4_4″ _builder_version=“4.0.4″][et_pb_text _builder_version=“4.9.2″ text_text_color=“#000000″ text_font_size=“16px“ header_text_color=“#000000″ header_2_font=“||||||||“ header_2_text_color=“#000000″ header_2_font_size=“35px“ header_2_line_height=“1.3em“ hover_enabled=“0″ header_text_align=“justify“ sticky_enabled=“0″ text_orientation=“justified“]<\/p>\n

ISMS<\/h2>\n

Dokumentovan\u00fd syst\u00e9m ISMS (Information Security Management System), neboli syst\u00e9m \u0159\u00edzen\u00ed bezpe\u010dnosti informac\u00ed je syst\u00e9m, kter\u00fd chr\u00e1n\u00ed zvolen\u00e1 informa\u010dn\u00ed aktiva pomoc\u00ed anal\u00fdzy mo\u017en\u00fdch rizik a n\u00e1sledn\u00fdm zaveden\u00edm opat\u0159en\u00ed, kter\u00e1 jsou pr\u016fb\u011b\u017en\u011b kontrolov\u00e1na. Zn\u00ed to mo\u017en\u00e1 slo\u017eit\u011b, ale tento syst\u00e9m je vhodn\u00fd pro v\u0161echny organizace, kter\u00e9 jak\u00fdmkoliv zp\u016fsobem pracuj\u00ed s informa\u010dn\u00edmi syst\u00e9my nebo informacemi obecn\u011b. Tedy pro v\u0161echny. To znamen\u00e1, \u017ee ISMS lze pou\u017e\u00edt jak pro firmu o p\u00e1r zam\u011bstnanc\u00edch, tak i pro nadn\u00e1rodn\u00ed spole\u010dnost. Velk\u00e9 spole\u010dnosti tento syst\u00e9m v\u00a0dne\u0161n\u00ed dob\u011b ji\u017e b\u011b\u017en\u011b zaveden\u00fd maj\u00ed, naopak ty mal\u00e9 na bezpe\u010dnosti informac\u00ed \u010dasto nekladou dostate\u010dn\u00fd d\u016fraz a bezpe\u010dnost za\u010d\u00ednaj\u00ed \u0159e\u0161it a\u017e v okam\u017eiku, kdy dojde k\u00a0jej\u00edmu naru\u0161en\u00ed. P\u0159itom informace jsou \u010dasto to nejcenn\u011bj\u0161\u00ed aktivum spole\u010dnosti.<\/p>\n

Co kdy\u017e nechci certifik\u00e1t<\/strong><\/span><\/p>\n

K dokon\u010den\u00ed procesu implementace ISMS ve spole\u010dnosti formou certifikace existuje cel\u00e1 \u0159ada d\u016fvod\u016f – presti\u017e, po\u017eadavky partner\u016f nebo firemn\u00ed politika. Certifikace v\u0161ak nen\u00ed nikterak povinn\u00e1. Pro \u0159adu spole\u010dnost\u00ed je d\u016fle\u017eit\u00e1 podstata ISMS – uv\u011bdom\u011bn\u00ed, \u017ee disponuj\u00ed aktivy ur\u010dit\u00e9 hodnoty a dbaj\u00ed o jejich bezpe\u010dnost. A stvrzen\u00ed t\u00e9to skute\u010dnosti certifik\u00e1tem nevy\u017eaduj\u00ed. V \u0159ad\u011b p\u0159\u00edpad\u016f se tak dokonce syst\u00e9m \u0159\u00edzen\u00ed informa\u010dn\u00ed bezpe\u010dnosti m\u016f\u017ee st\u00e1t p\u0159irozen\u011bj\u0161\u00edm a v organizaci je l\u00e9pe a rychleji p\u0159ij\u00edm\u00e1n. Jsme p\u0159ipraveni spolupracovat s v\u00e1mi na jak\u00e9mkoliv projektu, a\u0165 u\u017e je jeho c\u00edlem z\u00edsk\u00e1n\u00ed certifikace dle ISO\/IEC 27 001 nebo „jen“ implementace z\u00e1kladn\u00edch pravidel a postup\u016f informa\u010dn\u00ed bezpe\u010dnosti.<\/p>\n

<\/strong><\/span><\/p>\n

Zaveden\u00ed syst\u00e9mu ISMS dle ISO\/IEC 27 001 s n\u00e1slednou certifikac\u00ed<\/strong><\/span><\/p>\n

Pokud se rozhodnete pro zaveden\u00ed syst\u00e9mu \u0159\u00edzen\u00ed bezpe\u010dnosti informac\u00ed s c\u00edlem z\u00edskat certifikaci dle ISO\/IEC 27 001, jsme p\u0159ipraveni v\u00e1m pomoci ve v\u0161ech f\u00e1z\u00edch implementace i certifikace. \u00davodn\u00edm krokem je kr\u00e1tk\u00e1 vstupn\u00ed srovn\u00e1vac\u00ed anal\u00fdza, na z\u00e1klad\u011b kter\u00e9 ur\u010d\u00edme aktu\u00e1ln\u00ed p\u0159ipravenost organizace a odhadneme n\u00e1ro\u010dnost cel\u00e9ho projektu ve va\u0161em konkr\u00e9tn\u00edm p\u0159\u00edpad\u011b.<\/p>\n

Prvn\u00ed f\u00e1ze procesu pak spo\u010d\u00edv\u00e1 ve zmapov\u00e1n\u00ed proces\u016f organizace. Tento krok je nezbytn\u00fd pro to, abychom mohli spole\u010dn\u011b ur\u010dit, v kter\u00fdch \u010d\u00e1stech organizace bude syst\u00e9m ISMS implementov\u00e1n a certifikov\u00e1n. V\u00fdstup z t\u00e9to \u010d\u00e1sti je nav\u00edc univerz\u00e1ln\u011b pou\u017eiteln\u00fd pro dal\u0161\u00ed \u0159\u00edzen\u00ed organizace. Velice \u010dasto toti\u017e odhal\u00ed slab\u00e1 m\u00edsta \u0159\u00edzen\u00ed, na kter\u00e9 se pak veden\u00ed organizace – bez ohledu na syst\u00e9m ISMS – m\u016f\u017ee zam\u011b\u0159it.<\/p>\n

V druh\u00e9m kroku jsou zmapov\u00e1na informa\u010dn\u00ed aktiva organizace. Na z\u00e1klad\u011b znalosti proces\u016f a aktiv lze pot\u00e9 vypracovat anal\u00fdzu rizik. Ta pak slou\u017e\u00ed jako vstup pro n\u00e1vrh opat\u0159en\u00ed k jejich minimalizaci.<\/p>\n

Pom\u016f\u017eeme v\u00e1m s vypracov\u00e1n\u00edm ve\u0161ker\u00e9 dokumentace – a\u0165 t\u00e9 povinn\u00e9, je\u017e je vy\u017eadov\u00e1na pro \u00fasp\u011b\u0161nou certifikaci, tak t\u00e9 nepovinn\u00e9, kter\u00e1 v\u00e1m pom\u016f\u017ee v praktick\u00e9m \u017eivot\u011b organizace z\u00e1sady ISMS uplat\u0148ovat. Samoz\u0159ejmost\u00ed je i zaji\u0161t\u011bn\u00ed \u0161kolen\u00ed zam\u011bstnanc\u016f, pokud se to uk\u00e1\u017ee jako pot\u0159ebn\u00e9.<\/p>\n

V posledn\u00ed f\u00e1zi v\u00e1m budeme n\u00e1pomocni p\u0159i p\u0159\u00edprav\u011b na samotnou certifikaci i b\u011bhem n\u00ed. Po \u00fasp\u011b\u0161n\u00e9m z\u00edsk\u00e1n\u00ed certifik\u00e1tu dle ISO\/IEC 27 001 jsme p\u0159ipraveni pomoci v\u00e1m se spln\u011bn\u00edm po\u017eadavk\u016f neust\u00e1l\u00e9ho zlep\u0161ov\u00e1n\u00ed, \u0159\u00edzen\u00ed neshod a implementace n\u00e1pravn\u00fdch opat\u0159en\u00ed.<\/p>\n


Intern\u00ed auditor ISMS a mana\u017eer ISMS<\/strong><\/span><\/p>\n

Tyto pozice jsou pro certifikovan\u00fd syst\u00e9m \u0159\u00edzen\u00ed informa\u010dn\u00ed bezpe\u010dnosti dle ISO\/IEC 27 001 kl\u00ed\u010dov\u00e9 a povinn\u00e9. Na\u0161i experti disponuj\u00ed odpov\u00eddaj\u00edc\u00ed kvalifikac\u00ed a neust\u00e1le se v oboru vzd\u011bl\u00e1vaj\u00ed. R\u00e1di v\u00e1m nab\u00eddneme jejich dovednosti a zku\u0161enosti pro outsourcing t\u011bchto kl\u00ed\u010dov\u00fdch rol\u00ed.<\/p>\n

Prov\u00e1d\u011bn\u00ed p\u0159edepsan\u00e9ho intern\u00edho auditu extern\u00edm auditorem p\u0159in\u00e1\u0161\u00ed organizaci \u0159adu v\u00fdhod. Nejd\u016fle\u017eit\u011bj\u0161\u00ed z nich je z\u00edsk\u00e1n\u00ed objektivn\u00edho pohledu na stav syst\u00e9mu ISMS v organizaci. To je d\u016fle\u017eit\u00e9 pro spr\u00e1vn\u00e9 a v\u010dasn\u00e9 p\u0159ij\u00edm\u00e1n\u00ed n\u00e1pravn\u00fdch opat\u0159en\u00ed ke zji\u0161t\u011bn\u00fdm neshod\u00e1m a k udr\u017een\u00ed podm\u00ednky neust\u00e1l\u00e9ho zlep\u0161ov\u00e1n\u00ed do necertifika\u010dn\u00edho auditu. V druh\u00e9 \u0159ad\u011b pak doch\u00e1z\u00ed k \u00faspo\u0159e n\u00e1klad\u016f, nebo\u0165 jen v nejv\u011bt\u0161\u00edch organizac\u00edch se vyplat\u00ed obsazovat pozici auditora ISMS kmenov\u00fdm pracovn\u00edkem a zaji\u0161\u0165ovat jeho kontinu\u00e1ln\u00ed vzd\u011bl\u00e1v\u00e1n\u00ed v problematice ISMS.<\/p>\n

[\/et_pb_text][\/et_pb_column][\/et_pb_row][\/et_pb_section][et_pb_section fb_built=“1″ _builder_version=“4.0.4″ custom_padding=“||||false|false“][et_pb_row _builder_version=“4.0.4″ max_width=“250px“ module_alignment=“center“ custom_margin=“||-40px||false|false“ custom_padding=“0px||0px||false|false“][et_pb_column type=“4_4″ _builder_version=“4.0.4″][et_pb_text _builder_version=“4.0.4″ text_text_color=“#ffffff“ header_text_color=“#ffffff“ header_4_text_color=“#ffffff“ header_4_font_size=“36px“ background_color=“#ff9500″ width=“100%“ max_height=“1000px“ custom_margin=“-65px||15px|400px|false|false“ custom_margin_tablet=“|||240px|false|false“ custom_margin_phone=“|||100px|false|false“ custom_margin_last_edited=“on|phone“ custom_padding=“20px|15px|20px|15px|false|false“ animation_style=“fade“ border_color_all=“#ff9500″]<\/p>\n

„V\u00edte, \u017ee…“<\/strong><\/h4>\n

V\u011bt\u0161ina nej\u00fa\u010dinn\u011bj\u0161\u00edch opat\u0159en\u00ed ke zv\u00fd\u0161en\u00ed bezpe\u010dnosti informac\u00ed je procesn\u00edho charakteru a nevy\u017eaduje n\u00e1kup n\u00e1kladn\u00fdch softwarov\u00fdch \u0159e\u0161en\u00ed?<\/p>\n

[\/et_pb_text][\/et_pb_column][\/et_pb_row][\/et_pb_section][et_pb_section fb_built=“1″ _builder_version=“4.0.4″ custom_margin=“-28px||||false|false“][et_pb_row _builder_version=“4.0.4″ custom_margin=“0px||||false|false“ custom_padding=“0px||0px||false|false“][et_pb_column type=“4_4″ _builder_version=“4.0.4″][et_pb_text _builder_version=“4.0.4″ text_text_color=“#000000″ text_font_size=“16px“ header_text_color=“#000000″ header_2_text_color=“#000000″ header_2_font_size=“35px“ header_2_line_height=“1.3em“ custom_margin=“-120px||||false|false“ custom_margin_tablet=“-40px||||false|false“ custom_margin_phone=“-10px||||false|false“ custom_margin_last_edited=“on|desktop“ header_2_font_tablet=““ header_2_font_phone=““ header_2_font_last_edited=“on|phone“]<\/p>\n

Poskytujeme poradenstv\u00ed<\/h2>\n

ve v\u0161ech f\u00e1z\u00edch implementace<\/h2>\n

 <\/p>\n

[\/et_pb_text][\/et_pb_column][\/et_pb_row][et_pb_row column_structure=“1_4,1_4,1_4,1_4″ _builder_version=“4.0.4″ animation_style=“fade“][et_pb_column type=“1_4″ _builder_version=“4.0.4″][et_pb_blurb title=“Stanoven\u00ed rozsahu a politky“ _builder_version=“4.0.4″ custom_padding=“10px|10px|10px|10px|false|false“ border_radii=“on|2px|2px|2px|2px“ border_width_all=“2px“ border_color_all=“#d6d6d6″ box_shadow_style=“preset1″]<\/p>\n

V\u00a0prvn\u00edch kroc\u00edch je nutn\u00e9 stanovit oblast organizace, na kterou se bude ISMS vztahovat, lze vybrat jen ty nejpot\u0159ebn\u011bj\u0161\u00ed oblasti a tak se vyhnout \u010d\u00e1stem organizace, kde to nen\u00ed nezbytn\u00e9. N\u00e1slednuje stanoven\u00ed politiky, kter\u00e1 je povinn\u00fdm dokumentem a zahrnuje c\u00edle, strategii a r\u016fzn\u00e9 druhy po\u017eadavk\u016f v oblasti ISMS.\u00a0<\/p>\n

[\/et_pb_blurb][\/et_pb_column][et_pb_column type=“1_4″ _builder_version=“4.0.4″][et_pb_blurb title=“Vstupn\u00ed anal\u00fdza a anal\u00fdza rizik“ _builder_version=“4.0.4″ custom_padding=“10px|10px|10px|10px|false|false“ border_radii=“on|2px|2px|2px|2px“ border_width_all=“2px“ border_color_all=“#d6d6d6″ box_shadow_style=“preset1″]<\/p>\n

Z \u00favodn\u00ed vstupn\u00ed anal\u00fdzy lze vyvodit aktu\u00e1ln\u00ed stav informa\u010dn\u00ed bezpe\u010dnosti v organizaci, a tak i sestavit\u00a0n\u00e1vrh opat\u0159en\u00ed k dosa\u017een\u00ed pot\u0159ebn\u00fdch c\u00edl\u016f k implementaci ISMS. Anal\u00fdza rizik je pot\u0159ebnou sou\u010d\u00e1st\u00ed k n\u00e1vrh\u016fm opat\u0159en\u00ed, d\u00edky kter\u00fdm lze n\u00e1sledn\u011b rizika minimalizovat.\u00a0<\/span><\/p>\n

[\/et_pb_blurb][\/et_pb_column][et_pb_column type=“1_4″ _builder_version=“4.0.4″][et_pb_blurb title=“N\u00e1vrh postup\u016f a jejich implementace“ _builder_version=“4.0.4″ custom_padding=“10px|10px|10px|10px|false|false“ border_radii=“on|2px|2px|2px|2px“ border_width_all=“2px“ border_color_all=“#d6d6d6″ box_shadow_style=“preset1″]<\/p>\n

Dal\u0161\u00edm z nezbytn\u00fdch krok\u016f implementace je vypracov\u00e1n\u00ed povinn\u00fdch dokument\u016f jako jsou normy, manu\u00e1ly, sm\u011brnice, nebo prohl\u00e1\u0161en\u00ed o aplikovatelnosti. Tyto dokumenty slou\u017e\u00ed pro zaveden\u00ed normy do praxe a jsou doprov\u00e1zeny dal\u0161\u00edmi d\u016fle\u017eit\u00fdmi \u00fakony, jako je nap\u0159\u00edklad \u0161kolen\u00ed zam\u011bstnanc\u016f.\u00a0<\/p>\n

[\/et_pb_blurb][\/et_pb_column][et_pb_column type=“1_4″ _builder_version=“4.0.4″][et_pb_blurb title=“Monitorov\u00e1n\u00ed a zlep\u0161ov\u00e1n\u00ed“ _builder_version=“4.0.4″ custom_padding=“10px|10px|10px|10px|false|false“ border_radii=“on|2px|2px|2px|2px“ border_width_all=“2px“ border_color_all=“#d6d6d6″ box_shadow_style=“preset1″]<\/p>\n

Dle normy je nezbytn\u00e9 monitorovat v\u00fdkonnost bezpe\u010dnosti informac\u00ed a efektivnost cel\u00e9ho syst\u00e9mu. D\u016fle\u017eit\u00fdm bodem je i normativn\u00ed po\u017eadavek o neust\u00e1l\u00e9m zlep\u0161ov\u00e1n\u00ed, dle kter\u00e9ho organizace mus\u00ed reagovat na neshody syst\u00e9mu a p\u0159ijmout nov\u00e1 n\u00e1pravn\u00e1 opat\u0159en\u00ed, aby syst\u00e9m byl neust\u00e1le efektivn\u00ed.\u00a0<\/p>\n

[\/et_pb_blurb][\/et_pb_column][\/et_pb_row][\/et_pb_section][et_pb_section fb_built=“1″ _builder_version=“4.0.4″ background_color=“rgba(0,0,0,0.07)“ custom_margin=“0px||||false|false“ custom_padding=“0px||0px||false|false“ border_color_top=“#ff9500″ border_color_bottom=“#ff9500″][et_pb_row _builder_version=“4.0.4″ custom_padding=“||24px|||“][et_pb_column type=“4_4″ _builder_version=“4.0.4″][et_pb_text _builder_version=“4.9.2″ text_text_color=“#000000″ text_font_size=“16px“ header_text_color=“#000000″ header_2_text_color=“#000000″ header_2_font_size=“35px“ header_2_line_height=“1.3em“ hover_enabled=“0″ text_orientation=“justified“ sticky_enabled=“0″]<\/p>\n

Z\u00e1kon o kybernetick\u00e9 bezpe\u010dnosti<\/h2>\n

Z\u00e1kon \u010d. 181\/2017 Sb., o kybernetick\u00e9 bezpe\u010dnosti, v platn\u00e9m zn\u011bn\u00ed, si klade za c\u00edl zlep\u0161en\u00ed spolupr\u00e1ce mezi soukrom\u00fdm a ve\u0159ejn\u00fdm sektorem v oblasti kybernetick\u00e9 bezpe\u010dnosti. Jeho prov\u00e1d\u011bc\u00ed p\u0159edpisy vymezuj\u00ed celou \u0159adu subjekt\u016f, kter\u00fdm tento z\u00e1kon ukl\u00e1d\u00e1 povinnosti, kter\u00e9 se ve velk\u00e9 m\u00ed\u0159e shoduj\u00ed s po\u017eadavky normy ISO\/IEC 27 001, ze kter\u00e9 tento p\u0159edpis vych\u00e1z\u00ed.<\/p>\n

Subjekt\u016fm dot\u010den\u00fdm Z\u00e1konem o kybernetick\u00e9 bezpe\u010dnosti jsme p\u0159ipraveni poskytnout sou\u010dinnost a podporu p\u0159i zav\u00e1d\u011bn\u00ed pot\u0159ebn\u00fdch opat\u0159en\u00ed, vytv\u00e1\u0159en\u00ed souvisej\u00edc\u00ed dokumentace a obsazen\u00ed z\u00e1konem po\u017eadovan\u00fdch rol\u00ed v syst\u00e9mu kybernetick\u00e9 bezpe\u010dnosti.<\/p>\n

Zejm\u00e9na outsourcing role Auditora kybernetick\u00e9 bezpe\u010dnosti p\u0159in\u00e1\u0161\u00ed organizaci v\u00fdhodu v \u00faspo\u0159e n\u00e1klad\u016f, kdy tuto roli nemus\u00ed obsazovat kmenov\u00fdm zam\u011bstnancem, sou\u010dasn\u011b organizace z\u00edsk\u00e1 nez\u00e1visl\u00fd vhled do sv\u00e9ho syst\u00e9mu \u0159\u00edzen\u00ed kybernetick\u00e9 bezpe\u010dnosti.<\/p>\n

[\/et_pb_text][\/et_pb_column][\/et_pb_row][\/et_pb_section][et_pb_section fb_built=“1″ _builder_version=“4.0.4″ background_color=“#ff9500″ custom_margin=“50px||0px||false|false“ animation_style=“fade“][et_pb_row column_structure=“1_3,2_3″ _builder_version=“4.0.4″ custom_margin=“||0px||false|false“ custom_padding=“0px||0px||false|false“][et_pb_column type=“1_3″ _builder_version=“4.0.4″][et_pb_image src=“http:\/\/www.forensee.cz\/wp-content\/uploads\/2020\/05\/tech-19.jpg“ align=“center“ _builder_version=“4.0.4″][\/et_pb_image][\/et_pb_column][et_pb_column type=“2_3″ _builder_version=“4.0.4″][et_pb_text _builder_version=“4.9.2″ text_text_color=“#ffffff“ text_font_size=“16px“ header_2_text_color=“#ffffff“ header_2_font_size=“35px“ header_2_line_height=“1.5em“ custom_margin=“0px||||false|false“ custom_padding=“0px||0px||false|false“ hover_enabled=“0″ text_orientation=“justified“ sticky_enabled=“0″]<\/p>\n

P\u0159\u00edpadov\u00e1 studie<\/strong><\/h2>\n

Klient:<\/strong>\u00a0Dodavatel v energetice<\/p>\n

Probl\u00e9m:<\/strong>\u00a0Rychl\u00fd r\u016fst spole\u010dnosti zna\u010dn\u011b nav\u00fd\u0161il hodnotu informa\u010dn\u00edch aktiv a p\u0159erostl mo\u017enosti intern\u00ed IT spr\u00e1vy<\/p>\n

Na\u0161e \u0159e\u0161en\u00ed:<\/strong><\/p>\n

B\u00fdval\u00fd klient, pro kter\u00e9ho jsme v minulosti \u0159e\u0161ili bezpe\u010dnou likvidaci dat, se na n\u00e1s obr\u00e1til s \u017e\u00e1dost\u00ed o konzultaci v oblasti bezpe\u010dnosti informa\u010dn\u00edch syst\u00e9m\u016f. U\u017e po \u00favodn\u00ed sch\u016fzce bylo jasn\u00e9, \u017ee rychl\u00fd r\u016fst kdysi rodinn\u00e9 firmy v kl\u00ed\u010dov\u00e9ho hr\u00e1\u010de na trhu nebyl n\u00e1sledov\u00e1n odpov\u00eddaj\u00edc\u00edmi zm\u011bnami ve zp\u016fsobu \u0159\u00edzen\u00ed IT obecn\u011b, bezpe\u010dnost informac\u00ed pak nebyla \u0159e\u0161ena v\u016fbec.<\/p>\n

V prvn\u00ed f\u00e1zi jsme pro klienta provedli vstupn\u00ed anal\u00fdzu, aby veden\u00ed spole\u010dnosti z\u00edskalo lep\u0161\u00ed p\u0159edstavu o aktu\u00e1ln\u00edm stavu v organizaci. N\u00e1sledn\u011b byl navr\u017een a odsouhlasen rozsah projektu a doba implementace v horizontu 10 m\u011bs\u00edc\u016f. Vzhledem k tomu, \u017ee klient nesm\u011b\u0159uje k certifikaci dle ISO\/IEC 27 001, je tato doba dostate\u010dn\u00e1.<\/p>\n

Projekt byl zah\u00e1jen zmapov\u00e1n\u00edm proces\u016f organizace a jej\u00edch aktiv. N\u00e1sledn\u00e9 proveden\u00ed anal\u00fdzy rizik bylo zakon\u010deno n\u00e1vrhem opat\u0159en\u00ed, kter\u00e1 na zji\u0161t\u011bn\u00e1 rizika reagovala. A\u010dkoliv se nejednalo o p\u0159\u00edpravu k certifikaci, byla po dohod\u011b s klientem zpracov\u00e1na z\u00e1kladn\u00ed dokumentace k ISMS a n\u00e1vazn\u00e9 prov\u00e1d\u011bc\u00ed dokumenty.<\/p>\n

V organizaci po ukon\u010den\u00ed projektu prov\u00e1d\u00edme pravideln\u00e9 ro\u010dn\u00ed audity syst\u00e9mu ISMS a zaji\u0161\u0165ujeme rovn\u011b\u017e pr\u016fb\u011b\u017en\u00e9 \u0161kolen\u00ed kl\u00ed\u010dov\u00fdch pracovn\u00edk\u016f.<\/p>\n

[\/et_pb_text][\/et_pb_column][\/et_pb_row][\/et_pb_section][et_pb_section fb_built=“1″ _builder_version=“4.0.4″ animation_style=“fade“][et_pb_row column_structure=“1_2,1_2″ _builder_version=“4.0.4″][et_pb_column type=“1_2″ _builder_version=“4.0.4″][et_pb_image src=“http:\/\/www.forensee.cz\/wp-content\/uploads\/2020\/05\/DSC06489-2-1.jpg“ _builder_version=“4.0.4″ max_height=“460px“][\/et_pb_image][\/et_pb_column][et_pb_column type=“1_2″ _builder_version=“4.0.4″][et_pb_team_member name=“Mari\u00e1n Svetl\u00edk“ position=“Vedouc\u00ed konzultant“ _builder_version=“4.0.4″ header_font=“|600|||||||“ header_text_color=“#000000″ header_font_size=“25px“ position_text_color=“#000000″ custom_margin=“0px||||false|false“ custom_padding=“100px||0px||false|false“][\/et_pb_team_member][et_pb_text _builder_version=“4.0.4″ header_2_font_size=“20px“]<\/p>\n

Pot\u0159ebujete konzultaci v oblasti \u0159\u00edzen\u00ed bezpe\u010dnosti informac\u00ed?<\/h2>\n

[\/et_pb_text][et_pb_blurb use_icon=“on“ font_icon=“%%238%%“ icon_color=“#ff9500″ icon_placement=“left“ _builder_version=“4.0.4″ body_text_color=“#ff9500″ body_font_size=“20px“ body_link_text_color=“#ff9500″]<\/p>\n

svetlik@forensee.cz<\/a>\u00a0<\/p>\n

[\/et_pb_blurb][et_pb_blurb use_icon=“on“ font_icon=“%%264%%“ icon_color=“#ff9500″ icon_placement=“left“ _builder_version=“4.0.4″ body_text_color=“#ff9500″ body_font_size=“20px“ body_link_text_color=“#ff9500″]<\/p>\n

+420 776 740 482<\/p>\n

[\/et_pb_blurb][\/et_pb_column][\/et_pb_row][\/et_pb_section]<\/p>\n","protected":false},"excerpt":{"rendered":"

\u0158\u00edzen\u00ed informa\u010dn\u00ed bezpe\u010dnosti     Informa\u010dn\u00ed bezpe\u010dnost nejen dle ISO\/IEC 27 001Jsme si v\u011bdomi hodnoty informac\u00ed a chceme pomoci s \u00fa\u010dinn\u00fdm \u0159\u00edzen\u00edm jejich bezpe\u010dnosti.Pot\u0159ebujeme pomoct s implementac\u00ed syst\u00e9mu \u0159\u00edzen\u00ed bezpe\u010dnosti informac\u00ed dle ISO\/IEC 27 001 a s p\u0159\u00edpravou na certifikaci dle t\u00e9to normy.Nem\u00e1me vhodn\u00e9ho pracovn\u00edka pro roli intern\u00edho auditora dle ISO\/IEC 27 001 nebo se […]<\/p>\n","protected":false},"author":1,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_et_pb_use_builder":"on","_et_pb_old_content":"","_et_gb_content_width":"","footnotes":""},"class_list":["post-239","page","type-page","status-publish","hentry"],"yoast_head":"\n\u0158\u00edzen\u00ed informa\u010dn\u00ed bezpe\u010dnosti - nejen dle ISO\/IEC 27 00 - forensee<\/title>\n<meta name=\"description\" content=\"Dokumentovan\u00fd syst\u00e9m ISMS (Information Security Management System), neboli syst\u00e9m \u0159\u00edzen\u00ed bezpe\u010dnosti informac\u00ed je syst\u00e9m, kter\u00fd chr\u00e1n\u00ed...\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.forensee.cz\/en\/rizeni-informacni-bezpecnosti\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"\u0158\u00edzen\u00ed informa\u010dn\u00ed bezpe\u010dnosti - nejen dle ISO\/IEC 27 00 - forensee\" \/>\n<meta property=\"og:description\" content=\"Dokumentovan\u00fd syst\u00e9m ISMS (Information Security Management System), neboli syst\u00e9m \u0159\u00edzen\u00ed bezpe\u010dnosti informac\u00ed je syst\u00e9m, kter\u00fd chr\u00e1n\u00ed...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.forensee.cz\/en\/rizeni-informacni-bezpecnosti\/\" \/>\n<meta property=\"og:site_name\" content=\"forensee\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/forensee\" \/>\n<meta property=\"article:modified_time\" content=\"2021-03-30T10:32:18+00:00\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:site\" content=\"@forensee\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"7 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.forensee.cz\\\/rizeni-informacni-bezpecnosti\\\/\",\"url\":\"https:\\\/\\\/www.forensee.cz\\\/rizeni-informacni-bezpecnosti\\\/\",\"name\":\"\u0158\u00edzen\u00ed informa\u010dn\u00ed bezpe\u010dnosti - nejen dle ISO\\\/IEC 27 00 - forensee\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.forensee.cz\\\/#website\"},\"datePublished\":\"2020-02-21T17:18:33+00:00\",\"dateModified\":\"2021-03-30T10:32:18+00:00\",\"description\":\"Dokumentovan\u00fd syst\u00e9m ISMS (Information Security Management System), neboli syst\u00e9m \u0159\u00edzen\u00ed bezpe\u010dnosti informac\u00ed je syst\u00e9m, kter\u00fd chr\u00e1n\u00ed...\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.forensee.cz\\\/rizeni-informacni-bezpecnosti\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.forensee.cz\\\/rizeni-informacni-bezpecnosti\\\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.forensee.cz\\\/rizeni-informacni-bezpecnosti\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Dom\u016f\",\"item\":\"https:\\\/\\\/www.forensee.cz\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"\u0158\u00edzen\u00ed informa\u010dn\u00ed bezpe\u010dnosti\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.forensee.cz\\\/#website\",\"url\":\"https:\\\/\\\/www.forensee.cz\\\/\",\"name\":\"forensee\",\"description\":\"\u0158e\u0161en\u00ed a slu\u017eby v oblasti digit\u00e1ln\u00ed forenzn\u00ed anal\u00fdzy a \u0159\u00edzen\u00ed bezpe\u010dnosti informac\u00ed\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.forensee.cz\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.forensee.cz\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.forensee.cz\\\/#organization\",\"name\":\"forensee\",\"url\":\"https:\\\/\\\/www.forensee.cz\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.forensee.cz\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.forensee.cz\\\/wp-content\\\/uploads\\\/2020\\\/05\\\/image.png\",\"contentUrl\":\"https:\\\/\\\/www.forensee.cz\\\/wp-content\\\/uploads\\\/2020\\\/05\\\/image.png\",\"width\":300,\"height\":75,\"caption\":\"forensee\"},\"image\":{\"@id\":\"https:\\\/\\\/www.forensee.cz\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/forensee\",\"https:\\\/\\\/x.com\\\/forensee\"]}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"\u0158\u00edzen\u00ed informa\u010dn\u00ed bezpe\u010dnosti - nejen dle ISO\/IEC 27 00 - forensee","description":"Dokumentovan\u00fd syst\u00e9m ISMS (Information Security Management System), neboli syst\u00e9m \u0159\u00edzen\u00ed bezpe\u010dnosti informac\u00ed je syst\u00e9m, kter\u00fd chr\u00e1n\u00ed...","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.forensee.cz\/en\/rizeni-informacni-bezpecnosti\/","og_locale":"en_US","og_type":"article","og_title":"\u0158\u00edzen\u00ed informa\u010dn\u00ed bezpe\u010dnosti - nejen dle ISO\/IEC 27 00 - forensee","og_description":"Dokumentovan\u00fd syst\u00e9m ISMS (Information Security Management System), neboli syst\u00e9m \u0159\u00edzen\u00ed bezpe\u010dnosti informac\u00ed je syst\u00e9m, kter\u00fd chr\u00e1n\u00ed...","og_url":"https:\/\/www.forensee.cz\/en\/rizeni-informacni-bezpecnosti\/","og_site_name":"forensee","article_publisher":"https:\/\/www.facebook.com\/forensee","article_modified_time":"2021-03-30T10:32:18+00:00","twitter_card":"summary_large_image","twitter_site":"@forensee","twitter_misc":{"Est. reading time":"7 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.forensee.cz\/rizeni-informacni-bezpecnosti\/","url":"https:\/\/www.forensee.cz\/rizeni-informacni-bezpecnosti\/","name":"\u0158\u00edzen\u00ed informa\u010dn\u00ed bezpe\u010dnosti - nejen dle ISO\/IEC 27 00 - forensee","isPartOf":{"@id":"https:\/\/www.forensee.cz\/#website"},"datePublished":"2020-02-21T17:18:33+00:00","dateModified":"2021-03-30T10:32:18+00:00","description":"Dokumentovan\u00fd syst\u00e9m ISMS (Information Security Management System), neboli syst\u00e9m \u0159\u00edzen\u00ed bezpe\u010dnosti informac\u00ed je syst\u00e9m, kter\u00fd chr\u00e1n\u00ed...","breadcrumb":{"@id":"https:\/\/www.forensee.cz\/rizeni-informacni-bezpecnosti\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.forensee.cz\/rizeni-informacni-bezpecnosti\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.forensee.cz\/rizeni-informacni-bezpecnosti\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Dom\u016f","item":"https:\/\/www.forensee.cz\/"},{"@type":"ListItem","position":2,"name":"\u0158\u00edzen\u00ed informa\u010dn\u00ed bezpe\u010dnosti"}]},{"@type":"WebSite","@id":"https:\/\/www.forensee.cz\/#website","url":"https:\/\/www.forensee.cz\/","name":"forensee","description":"\u0158e\u0161en\u00ed a slu\u017eby v oblasti digit\u00e1ln\u00ed forenzn\u00ed anal\u00fdzy a \u0159\u00edzen\u00ed bezpe\u010dnosti informac\u00ed","publisher":{"@id":"https:\/\/www.forensee.cz\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.forensee.cz\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.forensee.cz\/#organization","name":"forensee","url":"https:\/\/www.forensee.cz\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.forensee.cz\/#\/schema\/logo\/image\/","url":"https:\/\/www.forensee.cz\/wp-content\/uploads\/2020\/05\/image.png","contentUrl":"https:\/\/www.forensee.cz\/wp-content\/uploads\/2020\/05\/image.png","width":300,"height":75,"caption":"forensee"},"image":{"@id":"https:\/\/www.forensee.cz\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/forensee","https:\/\/x.com\/forensee"]}]}},"_links":{"self":[{"href":"https:\/\/www.forensee.cz\/en\/wp-json\/wp\/v2\/pages\/239","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.forensee.cz\/en\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/www.forensee.cz\/en\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/www.forensee.cz\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.forensee.cz\/en\/wp-json\/wp\/v2\/comments?post=239"}],"version-history":[{"count":55,"href":"https:\/\/www.forensee.cz\/en\/wp-json\/wp\/v2\/pages\/239\/revisions"}],"predecessor-version":[{"id":1784,"href":"https:\/\/www.forensee.cz\/en\/wp-json\/wp\/v2\/pages\/239\/revisions\/1784"}],"wp:attachment":[{"href":"https:\/\/www.forensee.cz\/en\/wp-json\/wp\/v2\/media?parent=239"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}