Proposal of an information security plan to increase the reliability of data in a financial company
Descripción del Articulo
The main function of the financial institution is to offer its services for the placement of cards, loans, etc., to the clients who request it in its different establishments. Given this, it was identified that there are activities in the bank that are generating mishandling of information by staff...
| Autor: | |
|---|---|
| Formato: | artículo |
| Fecha de Publicación: | 2021 |
| Institución: | Universidad La Salle |
| Repositorio: | Revistas - Universidad La Salle |
| Lenguaje: | español |
| OAI Identifier: | oai:ojs.revistas.ulasalle.edu.pe:article/39 |
| Enlace del recurso: | https://revistas.ulasalle.edu.pe/innosoft/article/view/39 https://doi.org/10.48168/innosoft.s6.a39 https://purl.org/42411/s6/a39 https://n2t.net/ark:/42411/s6/a39 |
| Nivel de acceso: | acceso abierto |
| Materia: | Data Management Information ISO/IEC 27002 Plan SGSI Datos Gestión Información |
| id |
REVUSALLE_7a7dc71f0654a9b00d4b9b7645c6f202 |
|---|---|
| oai_identifier_str |
oai:ojs.revistas.ulasalle.edu.pe:article/39 |
| network_acronym_str |
REVUSALLE |
| network_name_str |
Revistas - Universidad La Salle |
| repository_id_str |
|
| dc.title.none.fl_str_mv |
Proposal of an information security plan to increase the reliability of data in a financial company Propuesta de un plan de seguridad de la información para incrementar la fiabilidad de datos en una financiera |
| title |
Proposal of an information security plan to increase the reliability of data in a financial company |
| spellingShingle |
Proposal of an information security plan to increase the reliability of data in a financial company Apaza Chávez, Wilmer Aufredy Data Management Information ISO/IEC 27002 Plan SGSI Datos Gestión Información ISO/IEC 27002 SGSI |
| title_short |
Proposal of an information security plan to increase the reliability of data in a financial company |
| title_full |
Proposal of an information security plan to increase the reliability of data in a financial company |
| title_fullStr |
Proposal of an information security plan to increase the reliability of data in a financial company |
| title_full_unstemmed |
Proposal of an information security plan to increase the reliability of data in a financial company |
| title_sort |
Proposal of an information security plan to increase the reliability of data in a financial company |
| dc.creator.none.fl_str_mv |
Apaza Chávez, Wilmer Aufredy |
| author |
Apaza Chávez, Wilmer Aufredy |
| author_facet |
Apaza Chávez, Wilmer Aufredy |
| author_role |
author |
| dc.subject.none.fl_str_mv |
Data Management Information ISO/IEC 27002 Plan SGSI Datos Gestión Información ISO/IEC 27002 SGSI |
| topic |
Data Management Information ISO/IEC 27002 Plan SGSI Datos Gestión Información ISO/IEC 27002 SGSI |
| description |
The main function of the financial institution is to offer its services for the placement of cards, loans, etc., to the clients who request it in its different establishments. Given this, it was identified that there are activities in the bank that are generating mishandling of information by staff towards customers, which is causing claims from them due to inconsistency of the data that results in the disaffiliation of their services. For this reason, a proposal for an information security plan was developed in the processes and areas of Ripley bank, with the objective of increasing the reliability of its data, achieving the three principles for an ISMS such as availability, integrity and confidentiality. . To achieve this objective, the ISO / IEC 27001 and 27002 standards were selected to apply the controls of the information security plan proposal in the Ripley bank, being clearly established those responsible and the information that is handled in each of the processes and areas. As a result, the scope of the plan was carried out, as well as defining the policies, risk management analysis, priority was given to the management of information by areas, in addition, the bank's assets were analyzed where the reliability of the data is guaranteed, then the defined the plan applying the controls of ISO / IEC 27002. It was concluded to define the indicators to evaluate the information security plan proposal to increase the reliability of its data. |
| publishDate |
2021 |
| dc.date.none.fl_str_mv |
2021-09-30 |
| dc.type.none.fl_str_mv |
info:eu-repo/semantics/article info:eu-repo/semantics/publishedVersion Journal paper text Artículos originales |
| format |
article |
| status_str |
publishedVersion |
| dc.identifier.none.fl_str_mv |
https://revistas.ulasalle.edu.pe/innosoft/article/view/39 https://doi.org/10.48168/innosoft.s6.a39 https://purl.org/42411/s6/a39 https://n2t.net/ark:/42411/s6/a39 |
| url |
https://revistas.ulasalle.edu.pe/innosoft/article/view/39 https://doi.org/10.48168/innosoft.s6.a39 https://purl.org/42411/s6/a39 https://n2t.net/ark:/42411/s6/a39 |
| dc.language.none.fl_str_mv |
spa |
| language |
spa |
| dc.relation.none.fl_str_mv |
https://revistas.ulasalle.edu.pe/innosoft/article/view/39/41 https://revistas.ulasalle.edu.pe/innosoft/article/view/39/42 https://purl.org/42411/s6/a39/g41 https://purl.org/42411/s6/a39/g42 https://n2t.net/ark:/42411/s6/a39/g41 https://n2t.net/ark:/42411/s6/a39/g42 |
| dc.rights.none.fl_str_mv |
Derechos de autor 2021 Innovación y Software https://creativecommons.org/licenses/by/4.0 info:eu-repo/semantics/openAccess |
| rights_invalid_str_mv |
Derechos de autor 2021 Innovación y Software https://creativecommons.org/licenses/by/4.0 |
| eu_rights_str_mv |
openAccess |
| dc.format.none.fl_str_mv |
application/pdf text/html |
| dc.coverage.none.fl_str_mv |
2021 2021 |
| dc.publisher.none.fl_str_mv |
Universidad La Salle |
| publisher.none.fl_str_mv |
Universidad La Salle |
| dc.source.none.fl_str_mv |
Innovation and Software; Vol 2 No 2 (2021): September - February; 27-43 Innovación y Software; Vol. 2 Núm. 2 (2021): Septiembre - Febrero; 27-43 2708-0935 2708-0927 https://doi.org/10.48168/innosoft.s6 https://purl.org/42411/s6 https://n2t.net/ark:/42411/s6 reponame:Revistas - Universidad La Salle instname:Universidad La Salle instacron:USALLE |
| instname_str |
Universidad La Salle |
| instacron_str |
USALLE |
| institution |
USALLE |
| reponame_str |
Revistas - Universidad La Salle |
| collection |
Revistas - Universidad La Salle |
| repository.name.fl_str_mv |
|
| repository.mail.fl_str_mv |
|
| _version_ |
1850968426891182080 |
| spelling |
Proposal of an information security plan to increase the reliability of data in a financial companyPropuesta de un plan de seguridad de la información para incrementar la fiabilidad de datos en una financieraApaza Chávez, Wilmer AufredyDataManagementInformationISO/IEC 27002PlanSGSIDatosGestiónInformaciónISO/IEC 27002SGSIThe main function of the financial institution is to offer its services for the placement of cards, loans, etc., to the clients who request it in its different establishments. Given this, it was identified that there are activities in the bank that are generating mishandling of information by staff towards customers, which is causing claims from them due to inconsistency of the data that results in the disaffiliation of their services. For this reason, a proposal for an information security plan was developed in the processes and areas of Ripley bank, with the objective of increasing the reliability of its data, achieving the three principles for an ISMS such as availability, integrity and confidentiality. . To achieve this objective, the ISO / IEC 27001 and 27002 standards were selected to apply the controls of the information security plan proposal in the Ripley bank, being clearly established those responsible and the information that is handled in each of the processes and areas. As a result, the scope of the plan was carried out, as well as defining the policies, risk management analysis, priority was given to the management of information by areas, in addition, the bank's assets were analyzed where the reliability of the data is guaranteed, then the defined the plan applying the controls of ISO / IEC 27002. It was concluded to define the indicators to evaluate the information security plan proposal to increase the reliability of its data.La entidad financiera tiene como función principal ofrecer sus servicios de colocación de tarjetas, préstamos, etc., hacia los clientes que soliciten en sus diferentes establecimientos. Ante ello se identificó que en el banco existen actividades que están generando mal manejo de la información por parte del personal hacia los clientes lo cual está ocasionando reclamos de los mismos por inconsistencia de los datos que trae como consecuencia la desafiliación de sus servicios. Por ese motivo se desarrolló una propuesta de un plan de seguridad de la información en los procesos y áreas del banco Ripley, teniendo como objetivo el incremento de la fiabilidad de sus datos, logrando los tres principios para un SGSI como son disponibilidad, integridad y confidencialidad. Para lograr dicho objetivo se seleccionó las normas ISO/IEC 27001 y 27002 para aplicar los controles de la propuesta del plan de seguridad de la información en el banco Ripley, quedando claramente establecidos los responsables y la información que se maneja en cada una de los procesos y áreas. Como resultado se realizó el alcance del plan, así como definir las políticas, análisis de gestión de riesgos, se dio prioridad al manejo de la información por áreas, además se analizó los activos del banco donde se garantice la fiabilidad de los datos, luego se definió el plan aplicando los controles de la ISO/IEC 27002. Se concluyó en definir los indicadores para evaluar la propuesta del plan de seguridad de la información para incrementar la fiabilidad de sus datos.Universidad La Salle2021-09-30info:eu-repo/semantics/articleinfo:eu-repo/semantics/publishedVersionJournal papertextArtículos originalesapplication/pdftext/htmlhttps://revistas.ulasalle.edu.pe/innosoft/article/view/39https://doi.org/10.48168/innosoft.s6.a39https://purl.org/42411/s6/a39https://n2t.net/ark:/42411/s6/a39Innovation and Software; Vol 2 No 2 (2021): September - February; 27-43Innovación y Software; Vol. 2 Núm. 2 (2021): Septiembre - Febrero; 27-432708-09352708-0927https://doi.org/10.48168/innosoft.s6https://purl.org/42411/s6https://n2t.net/ark:/42411/s6reponame:Revistas - Universidad La Salleinstname:Universidad La Salleinstacron:USALLEspahttps://revistas.ulasalle.edu.pe/innosoft/article/view/39/41https://revistas.ulasalle.edu.pe/innosoft/article/view/39/42https://purl.org/42411/s6/a39/g41https://purl.org/42411/s6/a39/g42https://n2t.net/ark:/42411/s6/a39/g41https://n2t.net/ark:/42411/s6/a39/g4220212021Derechos de autor 2021 Innovación y Softwarehttps://creativecommons.org/licenses/by/4.0info:eu-repo/semantics/openAccessoai:ojs.revistas.ulasalle.edu.pe:article/392025-07-03T08:01:52Z |
| score |
13.060688 |
Nota importante:
La información contenida en este registro es de entera responsabilidad de la institución que gestiona el repositorio institucional donde esta contenido este documento o set de datos. El CONCYTEC no se hace responsable por los contenidos (publicaciones y/o datos) accesibles a través del Repositorio Nacional Digital de Ciencia, Tecnología e Innovación de Acceso Abierto (ALICIA).
La información contenida en este registro es de entera responsabilidad de la institución que gestiona el repositorio institucional donde esta contenido este documento o set de datos. El CONCYTEC no se hace responsable por los contenidos (publicaciones y/o datos) accesibles a través del Repositorio Nacional Digital de Ciencia, Tecnología e Innovación de Acceso Abierto (ALICIA).
