Proposal of an information security plan to increase the reliability of data in a financial company
Descripción del Articulo
The main function of the financial institution is to offer its services for the placement of cards, loans, etc., to the clients who request it in its different establishments. Given this, it was identified that there are activities in the bank that are generating mishandling of information by staff...
| Autor: | |
|---|---|
| Formato: | artículo |
| Fecha de Publicación: | 2021 |
| Institución: | Universidad La Salle |
| Repositorio: | Revistas - Universidad La Salle |
| Lenguaje: | español |
| OAI Identifier: | oai:ojs.revistas.ulasalle.edu.pe:article/39 |
| Enlace del recurso: | https://revistas.ulasalle.edu.pe/innosoft/article/view/39 https://doi.org/10.48168/innosoft.s6.a39 https://purl.org/42411/s6/a39 https://n2t.net/ark:/42411/s6/a39 |
| Nivel de acceso: | acceso abierto |
| Materia: | Data Management Information ISO/IEC 27002 Plan SGSI Datos Gestión Información |
| Sumario: | The main function of the financial institution is to offer its services for the placement of cards, loans, etc., to the clients who request it in its different establishments. Given this, it was identified that there are activities in the bank that are generating mishandling of information by staff towards customers, which is causing claims from them due to inconsistency of the data that results in the disaffiliation of their services. For this reason, a proposal for an information security plan was developed in the processes and areas of Ripley bank, with the objective of increasing the reliability of its data, achieving the three principles for an ISMS such as availability, integrity and confidentiality. . To achieve this objective, the ISO / IEC 27001 and 27002 standards were selected to apply the controls of the information security plan proposal in the Ripley bank, being clearly established those responsible and the information that is handled in each of the processes and areas. As a result, the scope of the plan was carried out, as well as defining the policies, risk management analysis, priority was given to the management of information by areas, in addition, the bank's assets were analyzed where the reliability of the data is guaranteed, then the defined the plan applying the controls of ISO / IEC 27002. It was concluded to define the indicators to evaluate the information security plan proposal to increase the reliability of its data. |
|---|
Nota importante:
La información contenida en este registro es de entera responsabilidad de la institución que gestiona el repositorio institucional donde esta contenido este documento o set de datos. El CONCYTEC no se hace responsable por los contenidos (publicaciones y/o datos) accesibles a través del Repositorio Nacional Digital de Ciencia, Tecnología e Innovación de Acceso Abierto (ALICIA).
La información contenida en este registro es de entera responsabilidad de la institución que gestiona el repositorio institucional donde esta contenido este documento o set de datos. El CONCYTEC no se hace responsable por los contenidos (publicaciones y/o datos) accesibles a través del Repositorio Nacional Digital de Ciencia, Tecnología e Innovación de Acceso Abierto (ALICIA).
