Browsing by Author "Chagmana Pomaquero, Remigio Leonel"

Filter results by typing the first few letters
Now showing 1 - 1 of 1
  • No Thumbnail Available
    Item
    Auditoría informática aplicando la Norma ISO 27001 para optimizar la seguridad de la información en el Departamento de Tic’s del Centro de Investigación y Desarrollo FAE.
    (Universidad Técnica de Ambato. Facultad de Ingeniería en Sistemas, Electrónica e Industrial. Carrera de Ingeniería en Sistemas Computacionales e Informáticos, 2022-06) Chagmana Pomaquero, Remigio Leonel; Mayorga Mayorga, Franklin Oswaldo
    At present, information is one of the most important assets within any organization, its security and administration require a complete analysis to identify any risk to which it is exposed so that in this way the integrity, confidentiality and availability of the information is guaranteed. information optimally. The purpose of the research project is to minimize risks and provide security to the information that is handled daily in the ICT Department of the FAE Research and Development Center, through the application of information security policies that are based on the standard ISO27001. First, an analysis of the current state of security in the ICT Department was carried out through the application of interviews and surveys, which were applied to the Chief and the employees of the aforementioned department. The methodology used was based on the Deming cycle, which is made up of 4 phases (Plan, Implement, Verify and Act), in which each phase constitutes act ivities that allow planning, determining its scope, making an inventory of information assets and the valuation of assets with the aim of determining and analyzing the risks, threats and vulnerabilities that intervene in the management of information security. Afterwards, an Information Security Plan was prepared in which the Scope, Characterization, Risk Analysis and the Creation of new Information Security Policies will be defined for approval and application in the ICT Department on FAE Research and Development Center, with this it is expected that the Head and employees of the Department comply with the policies established to guarantee adequate control in the areas where there are shortcomings in terms of information security, maintain constant monitoring in the corresponding areas.