Tesis Ingeniería en Sistemas Informáticos y Computacionales
Permanent URI for this collectionhttp://repositorio.uta.edu.ec/handle/123456789/15
Browse
Item Auditoría de seguridad de la información aplicando la Norma ISO/IEC 27001 en el Gobierno Autónomo Descentralizado San Pedro de Pelileo(Universidad Técnica de Ambato. Facultad de Ingeniería en Sistemas, Electrónica e Industrial. Carrera de Ingeniería en Sistemas Computacionales e Informáticos, 2021-09) Aillón Carrasco, Mayra Elizabeth; Chicaiza Castillo, Dennis VinicioThe purpose of the research project is to mitigate risks and protect the information that is handled daily in The Gobierno Autónomo Descentralizado Municipal San Pedro de Pelileo, through the application of policies that are based on the ISO 27001 standard in the field of security in terms of access control, asset anagement, physical security, personnel restrictions, among others. An analysis of the current state of the institution was obtained through the application of techniques such as interviews, a survey that was applied to the chief, technicians of the Technological Management Unit and officials of the municipality, in addition to constant visits, the existence of Failures such as the physical environment in which the server room is located does not have the corresponding adaptations and they are exposed to a large number of risks since the physical facilities are not adequate, the incorrect use of passwords by municipal officials, etc. According to the data provided by the analysis, policies were created that are based on the ISO 27001 standard for their application approval in the Technological Management unit of the San Pedro de Pelileo Municipal Government. to the policies established so that there is strict control in the areas where there are shortcomings in terms of security, always seeking continuous improvement with the application of constant monitoring of all existing areas.