Powered by OpenAIRE graph
Found an issue? Give us feedback
image/svg+xml art designer at PLoS, modified by Wikipedia users Nina, Beao, JakobVoss, and AnonMoos Open Access logo, converted into svg, designed by PLoS. This version with transparent background. http://commons.wikimedia.org/wiki/File:Open_Access_logo_PLoS_white.svg art designer at PLoS, modified by Wikipedia users Nina, Beao, JakobVoss, and AnonMoos http://www.plos.org/ Recolector de Cienci...arrow_drop_down
image/svg+xml art designer at PLoS, modified by Wikipedia users Nina, Beao, JakobVoss, and AnonMoos Open Access logo, converted into svg, designed by PLoS. This version with transparent background. http://commons.wikimedia.org/wiki/File:Open_Access_logo_PLoS_white.svg art designer at PLoS, modified by Wikipedia users Nina, Beao, JakobVoss, and AnonMoos http://www.plos.org/
Recolector de Ciencia Abierta, RECOLECTA
Master thesis . 2019
License: CC BY NC ND
Data sources: Recolector de Ciencia Abierta, RECOLECTA
image/svg+xml art designer at PLoS, modified by Wikipedia users Nina, Beao, JakobVoss, and AnonMoos Open Access logo, converted into svg, designed by PLoS. This version with transparent background. http://commons.wikimedia.org/wiki/File:Open_Access_logo_PLoS_white.svg art designer at PLoS, modified by Wikipedia users Nina, Beao, JakobVoss, and AnonMoos http://www.plos.org/
Recolector de Ciencia Abierta, RECOLECTA
Master thesis . 2019
License: CC BY NC ND
Data sources: Recolector de Ciencia Abierta, RECOLECTA
 View all 2 versions
Claim

Desarrollo de un plan director de seguridad de la información para la implementación de un SGSI

descriptionPublicationkeyboard_double_arrow_right Master thesis 01 Jan 2019 Spain Spanish Publisher:Universitat Oberta de Catalunya (UOC)
Authors: Jara Cabrera, Freddy Vinicio;

handle: 10609/97010

Desarrollo de un plan director de seguridad de la información para la implementación de un SGSI

Abstract

El presente TFM, tiene como objeto desarrollar el Plan Director de la seguridad de la información de una empresa, basado en el estándar internacional ISO/IEC 27001:2013 certificable y el manual de buenas prácticas ISO/IEC 27002 :2013 que describe los controles o salvaguardias para mitigar las amenazas. La implementación de un SGSI y mediante la metodología de análisis de riesgo MAGERIT, ha permitido a la empresa realizar un inventario de sus activos y valorarlos en las dimensiones de seguridad, así como identificar las amenazas que se podrían materializar en los activos. Calcular el impacto potencial y medir el nivel de riesgo de los activos, para posteriormente realizar una propuesta de proyectos, que tiene la finalidad de mejorar el nivel de cumplimiento de los estándares ISO/IEC 27001-27002. Finalizando con una auditoria de cumplimiento usando el modelo de madurez de la capacidad (CMM).

El present TFM, té com a objecte desenvolupar el Pla Director de la seguretat de la informació d'una empresa, basat en l'estàndard internacional ISO/IEC 27001:2013 certificable i el manual de bones pràctiques ISO/IEC 27002 :2013 que descriu els controls o salvaguardes per a mitigar les amenaces. La implementació d'un SGSI i mitjançant la metodologia d'anàlisi de risc MAGERIT, ha permès a l'empresa realitzar un inventari dels seus actius i valorar-los en les dimensions de seguretat, així com identificar les amenaces que es podrien materialitzar en els actius. Calcular l'impacte potencial i mesurar el nivell de risc dels actius, per a posteriorment realitzar una proposta de projectes, que té la finalitat de millorar el nivell de compliment dels estàndard ISO/IEC 27001-27002. Finalitzant amb una auditoria de compliment usant el model de maduresa de la capacitat (CMM).

The purpose of this TFM is to develop the Master Plan for information security of a company, based on the ISO / IEC 27001: 2013 international certifiable standard and also based on the ISO / IEC 27002: 2013 good practices manual that describes the controls or safeguards to mitigate the threats. The implementation of an SGSI using the MAGERIT risk analysis methodology has allowed to the company to carry out an inventory of its assets and value them in the security dimensions, as well as identify the threats that could materialize in the assets. Calculate the potential impact and measure the level of risk of the assets, to subsequently make a project proposal, which aims to improve the level of compliance with ISO / IEC 27001-27002 standards. Finalizing with a compliance audit using the Capability Maturity Model CMM-

Country
Spain
Related Organizations
Keywords

security master plan, SGSI, seguretat informàtica, pla director de seguretat, Computer security -- TFM, ISMS, ISO/IEC 27001, análisis y gestión de riesgos, plan director de seguridad, Magerit, Seguridad informática -- TFM, risk analysis and management, Seguretat informàtica -- TFM, anàlisi i gestió de riscos, seguridad informática, computer security

  • BIP!
    Impact byBIP!
    selected citations
    These citations are derived from selected sources.
    This is an alternative to the "Influence" indicator, which also reflects the overall/total impact of an article in the research community at large, based on the underlying citation network (diachronically).
    		 0
    popularity
    This indicator reflects the "current" impact/attention (the "hype") of an article in the research community at large, based on the underlying citation network.
    		 Average
    influence
    This indicator reflects the overall/total impact of an article in the research community at large, based on the underlying citation network (diachronically).
    		 Average
    impulse
    This indicator reflects the initial momentum of an article directly after its publication, based on the underlying citation network.
    		 Average
Powered by OpenAIRE graph
Found an issue? Give us feedback
selected citations
These citations are derived from selected sources.
This is an alternative to the "Influence" indicator, which also reflects the overall/total impact of an article in the research community at large, based on the underlying citation network (diachronically).
BIP!Citations provided by BIP!
popularity
This indicator reflects the "current" impact/attention (the "hype") of an article in the research community at large, based on the underlying citation network.
BIP!Popularity provided by BIP!
influence
This indicator reflects the overall/total impact of an article in the research community at large, based on the underlying citation network (diachronically).
BIP!Influence provided by BIP!
impulse
This indicator reflects the initial momentum of an article directly after its publication, based on the underlying citation network.
BIP!Impulse provided by BIP!
0
Average
Average
Average
Green