Wybrane aspekty praktyczne zapewnienia bezpieczeństwa bibliotecznych systemów informacyjnych w świetle obowiązujących norm

Abstract

Providing practical security to the IT systems is a complicated process resulting from legal and standard regulations. The study describes elements connected with establishment and implementation of the security policy and practical activities performed on its basis. It takes into account all aspects related with organizational changes each institution undergoes, when working with security rules procedures. Special attention is paid to practical aspects of risk analysis and activities resulting from conducted studies, including crisis support schemes. The paper describes the most important measures undertaken by the University of Silesia in order to provide activities which are compliant with the current legal bills and international standard acts. It also discusses some elements associated with the work organization, including investment activities performed according to the principles resulting from the analysis of total costs calculated according to the Total Cost of Ownership (TCO) model.