Analýza rizik IS u velké společnosti

Abstract

The diploma thesis deals with a qualitative risk analysis of information systems in the Company, where nearly 1500 users are connected to the net and over 900 computers administered. The first part contains a summary of theory and used methods of risk analysis, pros and cons of quantitative and qualitative methods as well as the procedure for analysis elaboration. Other chapters of the thesis identify and assess the assets of the Company, describe and appraise levels of threat that may affect the given assets, describe measures that have been taken and set to secure the assets in information systems of the Company and that influence the vulnerability rate of each potential couple threat-assets. Afterwards the resultant value of risk is calculated and assessment of areas with the highest risk is evaluated. The final part of the thesis proposes such safety measures that would decrease the final amount of the resultant risk of jeopardised assets to an acceptable level.