Client: Capital city of Prague
| Project: | Consolidation of information security activities |
| Competence centre: | Information security |
| Year: | 2008 |
Brief Description
The capital city of Prague has been occupying itself with the questions of information security for a long time. Variously solved projects didn’t show compatible results. It was necessary to consolidate all the activities concerning information security.
We carried out an analysis of the existing state and proposed a complex of remedies, which should improve the standard of information security managment at the Prague City Hall. Further integration of individual parts of the city and other organistaions into the system is possible.
Long experience of our workers show, that proposing a project is not enough. Day-to day consecutive work on promoting the objectives, plans and resolutions is necessary. That is why our Information Security Workgroup (managment level) and Infromation Security Team (specialist level) have been focusing primarily on information security solution.
Detailed information
The main objective of the project was a consolidation of activities relating to the area of information security, making a proposal of effective conception for development and management of this area. The motivation was a need to comply with legal demands, ensuring a sufficient information security and also increasing our value by gaining a certificate of the information security management according to the ČSN ISO/IEC 27001 (or ISO/IEC 27002) norm.
To be able to set the processes and activities in the information security (IS) area it was necessary to analyze the existing state of the company throroughly from both outside and inside. We also carried out an analysis of the company’s compatibility with the legislative and its internal managment. Suggested remedies respected identified needs and objectives of the company and at the same time it suited identified demands of the legislative and the inner culture of company. Disrespecting these basic rules of the well-proved managment system leads according to our experience gained in similar projects to inflexibility or even to a failure of system of SI managment in company.
Mentioned consulting and advisory services were provided in three separate relating phases:
- analyzing the existing state and the information security managment
- proposal of a complex of remedies respecting the demand of stable and effective solution of the BI system
- continuous methodical and professional help in implementing the proposed remedies
Shifting the level of information security was a great contribution to the client. The project didn’t make the mistake of being too ambitious, it was focused on day-to day work with noticeable results.
Conclusion
We believe that the problem of Prague City Hall is a problem of many organisations, which have already reached a certain degree of security. Further progress is not possible without a day-to–day work, great effort, explaining, and persuading.
Are you interested in this topic? Are you handling the same problems in your company?
For further information contact as. Telephone number : +420 222 500 111. Email : iteg@iteg.cz.
