Seguridad de la información de infraestructura tecnológica y sistemas informáticos del GADM del cantón Chone basado en la norma ISO/IEC 27001
The purpose of the titling work was to prepare a Management Plan for Information Security in the Technological Infrastructure and Computer Systems of the Municipal Decentralized Autonomous Government of Chone Canton, based on the ISO / IEC 27001 Standard to reduce risks in the institutional informat...
Saved in:
| Main Author: | |
|---|---|
| Format: | masterThesis |
| Language: | spa |
| Published: |
2019
|
| Subjects: | |
| Online Access: | http://repositorio.espam.edu.ec/handle/42000/1077 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
Add Tag | Summary: | The purpose of the titling work was to prepare a Management Plan for Information Security in the Technological Infrastructure and Computer Systems of the Municipal Decentralized Autonomous Government of Chone Canton, based on the ISO / IEC 27001 Standard to reduce risks in the institutional information systems. The methodology applied was the achievement of objectives, where the first objective focused on determining the current situation of the processes, resources, information and infrastructure of the IT department through a checklist with structured questions based on the components of the standard applied, the second objective was the evaluation of the risks based on the vulnerabilities found with the previous objective, to then use the methodology Modal Analysis of Faults and Effects (AMFE), where the level of risks in each component was identified and evaluated, what allowed to obtain the mitigation actions in aspects of integrity, availability and reliability of the information. The third objective was obtained in accordance with the information of the two previous objectives, to which a general analysis was made, resulting in an information security management plan that proposes solution measures to the technological department under study. This proposal allows to improve the IT security aspects by means of the necessary corrections to safeguard the integrity of its data. |
|---|