Desarrollo de una auditoría informática en la empresa eléctrica pública estratégica Corporación Nacional de Electricidad (CNEL EP) unidad de negocio de El Oro mediante la norma ISO/IEC 27001 considerando como punto de prueba el data center.
In recent decades the technology and information have taken on greater importance within organizations, information being one of the most transcendental assets therefore their integrity and security allow the viable development of an organization. In our country are living a time of change where bot...
Salvato in:
| Autore principale: | |
|---|---|
| Natura: | bachelorThesis |
| Lingua: | spa |
| Pubblicazione: |
2015
|
| Soggetti: | |
| Accesso online: | http://repositorio.utmachala.edu.ec/handle/48000/5909 |
| Tags: |
Aggiungi Tag
Nessun Tag, puoi essere il primo ad aggiungerne!!
|
Aggiungi Tag | Riassunto: | In recent decades the technology and information have taken on greater importance within organizations, information being one of the most transcendental assets therefore their integrity and security allow the viable development of an organization. In our country are living a time of change where both public and private institutions must provide high levels of quality and safety to international standards to ensure optimum performance thereof, the CNEL EP Business Unit Gold is one of the public institutions locally that handles large amount of information that thousands of daily transactions that should meet the needs of El Oro is done. Thus the need to develop an IT audit emerged by ISO / IEC 27001 taking as evidence the data center of the institution, the objective was to evaluate the safety of the data center and telecommunications equipment and servers there They found, resulting in the identification of vulnerabilities that threatened their safety and proper operation. Lineament were taken as controls Annex A of ISO / IEC 27001 which refer to policies, processes, people, performance, physical and logical security of equipment and data center. The standard was selected because of its scope since it can be used in small, medium and large enterprises. Because the CNEL EP Business Unit Gold operates a strict confidentiality regime and certain information can not be disclosed or exposed without strictly judicial order, it was used to analyze the information the methodology of risk analysis colors is a technique qualitative, which is based on the formulation of questions and comments that thanks to calculations of averages risk factors that threatened the operation of the data center was identified. Therefore, thanks to the results of the respective recommendations and conclusions allowed to correct or mitigate the vulnerabilities that are mainly obtained security data center making it optimized the operation and improve the integrity of the information the company were made |
|---|