RISK ASSESSMENT FOR CONSTITUTIONAL COURT INFORMATION SYSTEM

Magistrsko delo obravnava področje varnosti informacijskega sistema s poudarkom na oceni tveganj Ustavnega sodišča RS. V prvem delu so podane teoretične osnove varovanja informacij. Opisana je družina standardov ISO/IEC 27000 in sistem upravljanja in varovanja informacij. V drugem delu je najprej opisana metodologija ocene tveganj in predstavitev organizacije. Sledi opis izvedbe ocene tveganj Ustavnega sodišča. Na podlagi rezultatov je predstavljena analiza, kateri so podana priporočila in predlogi nujnih izboljšav. V zaključku so prikazane še možnosti za nadaljevanje tega dela ter pogled v prihodnost. The dissertation discusses the security of an information system with emphasis on risk assessment of the Constitutional Court of Slovenia. First part presents the theoretical basics of information security. Describes ISO / IEC 27000 standards family and information security management system. In the second part first describes the methodology of risk assessment and presentation of the organization. Follows a description of risk assessment of the Constitutional Court. The results of the analysis is presented, which includes recommendations and proposals for urgent improvements. In conclusion, shows there is scope for continuing this work as well as looking ahead to the future.