Diseño de un sistema de gestión de seguridad para proteger el acceso a la información

Descripción del Articulo

Given the evolution of information technology and its direct relation to the objectives of the_x000D_ organizations, the universe of threats and vulnerabilities increases, therefore it is necessary to protect one of the most important assets of the organization, information, ensuring always availabi...

Descripción completa

Detalles Bibliográficos
Autores: Moro Abanto, Manuel, Vera Zavaleta, Juán Alberto
Formato: tesis de grado
Fecha de Publicación:2015
Institución:Universidad Nacional de Trujillo
Repositorio:UNITRU-Tesis
Lenguaje:español
OAI Identifier:oai:dspace.unitru.edu.pe:20.500.14414/11275
Enlace del recurso:https://hdl.handle.net/20.500.14414/11275
Nivel de acceso:acceso abierto
Materia:Gestión de Seguridad
Descripción
Sumario:Given the evolution of information technology and its direct relation to the objectives of the_x000D_ organizations, the universe of threats and vulnerabilities increases, therefore it is necessary to protect one of the most important assets of the organization, information, ensuring always availability, confidentiality and integrity of the same._x000D_ Faced with this reality, we see that not having an information security program to provide the guarantees necessary for the information in any organization, amid a highly competitive market today, represents a considerable disadvantage against companies in the same sector who do work the issue within its organizational culture. This disadvantage could bring very serious, such as the loss of a significant number of customers or working arrangements with other companies losses, affecting mainly the financial side of the organization, and could eventually if losses become critical, lead business bankrupt._x000D_ For educational institutions, it can be seen that they do not take safety as priority information._x000D_ As also it is seen that there is a culture of safety cross those entities. While there is still no_x000D_ regulation of the Ministry of Education, it will not have to wait for the issue to be regulated to just take action in establishing controls to mitigate or reduce the risks to which the information from these entities is exposed._x000D_ The purpose of this work focused on the design of a management system of information_x000D_ security (ISMS) under a methodology of analysis and risk assessment developed and designed by the authors of this paper, also they used as reference standards ISO 27001: 2005 and ISO 17799: 2005_x000D_ Systemic and pragmatic, not dogmatic approach is promoted, in favor of an effective and_x000D_ sustainable approach, giving priority criteria convenience cost-effective. The need for guidance and relevance to the real requirements of business security is emphasized._x000D_ In this thesis, he designed and developed the model to implement a management system for information security for any type of information, consisting of measures to deter, prevent, detect and correct security violations that occur during the transmission of information._x000D_ In this context, this project provides an alternative design of a System Information Security_x000D_ Management (ISMS) to an educational institution of higher level, taking the reality of a local educational institution University Private Trujillo Peru (UPTP). This thesis focuses on protecting the information of the main processes of this educational institution following existing international standards
Diseño de un sistema de gestión de seguridad para proteger el acceso a la información
Nota importante:
La información contenida en este registro es de entera responsabilidad de la institución que gestiona el repositorio institucional donde esta contenido este documento o set de datos. El CONCYTEC no se hace responsable por los contenidos (publicaciones y/o datos) accesibles a través del Repositorio Nacional Digital de Ciencia, Tecnología e Innovación de Acceso Abierto (ALICIA).

Ejemplares Similares