Análisis y planificación de la seguridad de la información basado en las normas ISO 27000 de la compañía de transporte pesado 17 de noviembre.
This research is based on an exhaustive review of the ISO 27000 standards and their application in similar organizations. An information security audit was carried out in the company 17 de noviembre S.A. to identify the existing weaknesses in the security system and then an action plan based on the...
Kaydedildi:
| Yazar: | |
|---|---|
| Materyal Türü: | bachelorThesis |
| Baskı/Yayın Bilgisi: |
2023
|
| Konular: | |
| Online Erişim: | http://dspace.utb.edu.ec/handle/49000/13971 |
| Etiketler: |
Etiketle
Etiket eklenmemiş, İlk siz ekleyin!
|
Etiketle | Özet: | This research is based on an exhaustive review of the ISO 27000 standards and their application in similar organizations. An information security audit was carried out in the company 17 de noviembre S.A. to identify the existing weaknesses in the security system and then an action plan based on the best practices and recommendations of ISO 27000 was designed. The knowledge acquired in the investigation was integrated to develop an information security plan for the company 17 de noviembre S.A. The plan includes the identification and classification of critical information, the design of security policies and procedures, the implementation of access controls, and the training of personnel in information security. It is relevant to highlight that the purpose of having an Information Security System is to ensure that the members of the company know, manage and minimize the associated risks. According to ISO/IEC 2700, (2022) it is essential to document, systematize and structure each procedure in order to establish policies and procedures related to the objectives of the institution and obtain the maximum benefit. To achieve this, it is recommended to follow the international standards detailed below. |
|---|