Currently, security in information has become one of the main challenges for most organizations. It is a process of risk management that covers every instance when information must be protected . ISO 17799 offers what organizations need in order to have a better security in information. The best way to implement that standard is making easier the security management process by using methods that allow to define guides, procedures and tools needed during implementation. This paper deals with the construction of a computing tool that helps the organization in meeting the norms BS 7799/ ISO 17799 and peruvian regulation NTP 17799. This will result in planning and implementing needed actions to fulfill or certify the above mentioned standards.