Powered by OpenAIRE graph
Found an issue? Give us feedback
image/svg+xml art designer at PLoS, modified by Wikipedia users Nina, Beao, JakobVoss, and AnonMoos Open Access logo, converted into svg, designed by PLoS. This version with transparent background. http://commons.wikimedia.org/wiki/File:Open_Access_logo_PLoS_white.svg art designer at PLoS, modified by Wikipedia users Nina, Beao, JakobVoss, and AnonMoos http://www.plos.org/ Recolector de Cienci...arrow_drop_down
image/svg+xml art designer at PLoS, modified by Wikipedia users Nina, Beao, JakobVoss, and AnonMoos Open Access logo, converted into svg, designed by PLoS. This version with transparent background. http://commons.wikimedia.org/wiki/File:Open_Access_logo_PLoS_white.svg art designer at PLoS, modified by Wikipedia users Nina, Beao, JakobVoss, and AnonMoos http://www.plos.org/
Recolector de Ciencia Abierta, RECOLECTA
Master thesis . 2018
License: CC BY NC ND
Data sources: Recolector de Ciencia Abierta, RECOLECTA
image/svg+xml Jakob Voss, based on art designer at PLoS, modified by Wikipedia users Nina and Beao Closed Access logo, derived from PLoS Open Access logo. This version with transparent background. http://commons.wikimedia.org/wiki/File:Closed_Access_logo_transparent.svg Jakob Voss, based on art designer at PLoS, modified by Wikipedia users Nina and Beao
Recolector de Ciencia Abierta, RECOLECTA
Master thesis . 2018
License: CC BY NC ND
Data sources: Recolector de Ciencia Abierta, RECOLECTA
 View all 2 versions
Claim

Adaptación de una pyme a la futura normativa RGPD (EU RGPD)

descriptionPublicationkeyboard_double_arrow_right Master thesis 01 Jan 2018 Spain Spanish Publisher:Universitat Oberta de Catalunya
Authors: Tarazona Ros, Marcos;

handle: 10609/81245

Adaptación de una pyme a la futura normativa RGPD (EU RGPD)

Abstract

Aquest treball final de Màster explica la necessitat de complir amb la nova normativa europea RGPD per garantir la privadesa i seguretat a l'hora de tractar les dades personals dins d'una organització. En aquest cas, es realitzarà l'adaptació en una pime fictícia a la qual cridarem "Automotive X" i el negoci de la qual se centra en la producció de peces de vehicles. Per començar amb aquest projecte, es realitzarà una descripció del negoci i els seus processos. Seguidament s'identificarà el tractament de les dades personals que realitza l'empresa, així com també el flux que aquests segueixen i els actius que es veuen implicats en el seu tractament. Una vegada coneguda aquesta informació, es realitzarà una anàlisi de riscos per poder avaluar quin seria l'impacte en el negoci i d'aquesta manera poder establir controls de seguretat per eliminar o mitigar aquests riscos. D'igual manera, per garantir la millora contínua i assegurar que l'organització coneix el seu estat de maduresa quant a aspectes de seguretat de la informació, es realitzarà un GAP anàlisi de la ISO 27001:2013 i contemplarem algunes recomanacions de seguretat d'aquesta. Finalment, s'aplicaran les accions pertinents per aconseguir l'adaptació dels processos de negoci de manera que es garanteixi la protecció de les dades personals i el seu tractament legítim.

Este trabajo final de Máster explica la necesidad de cumplir con la nueva normativa europea RGPD para garantizar la privacidad y seguridad a la hora de tratar los datos personales dentro de una organización. En este caso, se realizará la adaptación en una pyme ficticia a la que llamaremos "Automotive X" y cuyo negocio se centra en la producción de piezas de vehículos. Para empezar con este proyecto, se realizará una descripción del negocio y sus procesos. Seguidamente se identificará el tratamiento de los datos personales que realiza la empresa, así como también el flujo que estos siguen y los activos que se ven implicados en su tratamiento. Una vez conocida esta información, se realizará un análisis de riesgos para poder evaluar cuál sería el impacto en el negocio y de este modo poder establecer controles de seguridad para eliminar o mitigar estos riesgos. De igual modo, para garantizar la mejora continua y asegurar que la organización conoce su estado de madurez en cuanto a aspectos de seguridad de la información, se realizará un GAP análisis de la ISO 27001:2013 y contemplaremos algunas recomendaciones de seguridad de esta. Finalmente, se aplicarán las acciones pertinentes para lograr la adaptación de los procesos de negocio de modo que se garantice la protección de los datos personales y su tratamiento legítimo.

This final Master's work explains the need to comply with the new European GDPR regulations to guarantee privacy and security when dealing with personal data within an organization. In this case, the adaptation will be made in a fictitious SME to which we will call "Automotive X" and whose business is focused on the production of vehicle parts. To begin with this project, a description of the business and their processes will be made. Then an identification of the personal data handled by the company will be done, as well as the flow they follow and the assets that are involved in their treatment. Once this information is known, a risk analysis will be carried out in order to evaluate the impact on the business and in this way establish security controls to eliminate or mitigate these risks. Similarly, to ensure continuous improvement and ensure that the organization knows their state of maturity in terms of information security aspects, a GAP analysis of ISO 27001:2013 will be carried out and some safety recommendations of this will be contemplated. Finally, the pertinent actions will be applied to achieve the adaptation of business processes in order to guarantee the protection of personal data and their legitimate treatment.

Country
Spain
Related Organizations
Keywords

data protection, protecció de dades, Tecnologia de la informació -- TFM, Information technology --TFM, SMEs, RGPD, protección de datos, GDPR, Tecnología de la información -- TFM, pyme, pime

  • BIP!
    Impact byBIP!
    selected citations
    These citations are derived from selected sources.
    This is an alternative to the "Influence" indicator, which also reflects the overall/total impact of an article in the research community at large, based on the underlying citation network (diachronically).
    		 0
    popularity
    This indicator reflects the "current" impact/attention (the "hype") of an article in the research community at large, based on the underlying citation network.
    		 Average
    influence
    This indicator reflects the overall/total impact of an article in the research community at large, based on the underlying citation network (diachronically).
    		 Average
    impulse
    This indicator reflects the initial momentum of an article directly after its publication, based on the underlying citation network.
    		 Average
Powered by OpenAIRE graph
Found an issue? Give us feedback
selected citations
These citations are derived from selected sources.
This is an alternative to the "Influence" indicator, which also reflects the overall/total impact of an article in the research community at large, based on the underlying citation network (diachronically).
BIP!Citations provided by BIP!
popularity
This indicator reflects the "current" impact/attention (the "hype") of an article in the research community at large, based on the underlying citation network.
BIP!Popularity provided by BIP!
influence
This indicator reflects the overall/total impact of an article in the research community at large, based on the underlying citation network (diachronically).
BIP!Influence provided by BIP!
impulse
This indicator reflects the initial momentum of an article directly after its publication, based on the underlying citation network.
BIP!Impulse provided by BIP!
0
Average
Average
Average
Green