ISO 27001-tietoturvastandardin soveltaminen Carunalla (Applying the ISO 27001 information security standard at Caruna)

The ISO 27001 standard sets out the requirements for establishing, implementing, deploying, monitoring, reviewing, maintaining, and continually improving an information security management system. This bachelor's thesis examines Caruna's ISO 27001-compliant information security management...

Bibliographic Details
Main Author: Seppälä, Enni
Other Authors: Faculty of Information Technology, Information Technology, University of Jyväskylä
Format: Bachelor's thesis
Language: fin
Published: 2022
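Subjects: information security standard; ISO27001; information security management system; ISMS; information security; standards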
Online Access: https://jyx.jyu.fi/handle/123456789/79318
Description: The ISO 27001 standard sets out the requirements for establishing, implementing, deploying, monitoring, reviewing, maintaining, and continually improving an information security management system. This bachelor's thesis examines Caruna's information security management system, which follows the ISO 27001 standard. For the study, Caruna employees who work on information security tasks were interviewed. Based on the interview material and Caruna's internal documentation, a picture of the current state was formed, covering the management system's strengths and areas for development. Caruna's information security management system provides clear ways of working and brings together information security management measures and documentation. The study shows shortcomings particularly in the documentation of risk management, internal auditing, and management review. The development proposals for information security management were to clarify documentation, add tools, and improve employee awareness. The effectiveness of Caruna's information security management system is measured, monitored, and evaluated using various indicators, audits, and reviews. Based on the measurements, monitoring, and evaluations, continuous improvement can be carried out, for example by implementing the development projects described in the cybersecurity roadmap and in various service development projects. Based on these research results, Caruna will be able to improve the areas for development in its management system and add them to a development list, for example the cybersecurity roadmap.