Contingency planning for Bofors Defence AB, an application of existing methods

• Main Author: Karlsson, Terése
• Format: Others
• Language: English
• Published: Linköpings universitet, Institutionen för systemteknik 2002
• Subjects: Informationsteknik; datasäkerhet; avbrottsplaner; Computer and Information Sciences; Data- och informationsvetenskap
• Online Access: http://urn.kb.se/resolve?urn=urn:nbn:se:liu:diva-1639

Bofors Defence AB is in the process of updating and documenting the company’s routines for information security. The object is to be certified according to the standard ISO 17799-1 during 2003. Among other things updating means that the company will be provided with contingency plans who should insure a reliable IT-environment. Basically it is all about protecting the company’s information related systems, ensure contingency in the daily work and maintaining the trust of the market and the authorities. The aim of the Thesis was to apply existing methods in the making of contingency plans. The plans are focused on the information related systems that are critical to the company and takes in consideration the threats, which might stop them from operating as desired. The contingency plans cover a limited numberof systems, which for example handle e-mail and order intake. The plans comprise the servers and platforms (for example operating systems), which are essential to the systems. The Thesis is focused on the aspect of availability. The aspects of confidentiality (for example fire walls) and integrity (for example access restrictions) are handled by the company’s own personnel. To ensure contingency is only a minor part of the work that needs to bee done before a company can be certified according to ISO 7799-1. This Thesis needs complementary additions before it can be incorporated in the documentation presented to the accreditation agency. However the result is in line with the company’s commission.