Auditoría informática mediante COBIT 5 para el área informática en la empresa ROSAS DEL CORAZÓN.
This project describes the execution of the informatics audit applied in Rosas del Corazon Enterprise, located in the Machachi city, Pichincha province, which is dedicated to the production and exportation of quality flower. The enterprise uses computer resources to carry out its business objectives...
Guardat en:
| Autor principal: | |
|---|---|
| Format: | bachelorThesis |
| Idioma: | spa |
| Publicat: |
2019
|
| Matèries: | |
| Accés en línia: | http://repositorio.utc.edu.ec/handle/27000/5703 |
| Etiquetes: |
Afegir etiqueta
Sense etiquetes, Sigues el primer a etiquetar aquest registre!
|
Afegir etiqueta | Sumari: | This project describes the execution of the informatics audit applied in Rosas del Corazon Enterprise, located in the Machachi city, Pichincha province, which is dedicated to the production and exportation of quality flower. The enterprise uses computer resources to carry out its business objectives by systematizing its internal processes that help it to fulfill its work efficiently. The audit is based on the guidelines of COBIT 5.0, which is a business framework for the government and management of Information Technologies (IT) that allows the development of clear policies and good practices for IT control. This methodology also offers methods and metrics but it does not impose detailed procedures, it is not radical, on the contrary, it is tolerant and even recommends other standards or international frameworks. Currently, there are lots of enterprises that suffer cyber-attacks or incidents where the physical or logical security of the IT is violated. The Rosas del Corazon enterprise is not exempt from this type of events. Due to this fact, it is considered necessary an evaluation of the company's weaknesses and strengths of computing area. During the execution of this project, the reach and objectives of this research are properly justified, in addition, some concepts and parameters that define the audit and information security are exposed. The execution of the audit constitutes the compilation of the most information such as documents and evidence that allow the auditor to base their comments, suggestions and recommendations regarding to the management and administration of IT, for this purpose, data collection techniques were used such as interviews and questionnaires. After the analysis of the information collected, a report and results of the practice case are presented by describing the appropriate conclusions and recommendations. This research was a great contribution to the company, since it was possible to point out the existing inconveniences which will benefit the enterprise to increase in the computing area. |
|---|