Publicación: Análisis de riesgos al proceso de gestión de tecnología de la información para la caja de compensación familiar del Tolima Comfatolima, sede administrativa–Ibagué.
Portada
Citas bibliográficas
Código QR
Autor corporativo
Recolector de datos
Otros/Desconocido
Director audiovisual
Editor/Compilador
Filiación Institucional
Tipo de Material
Fecha
Cita bibliográfica
Título de serie/ reporte/ volumen/ colección
Es Parte de
Resumen
The purpose of information security is to protect its access, use, disclosure, interruption or unauthorized destruction and computer security is the process of preventing and detecting the unauthorized use of a computer system, it implies the process of protecting against intruders, the use of our computer resources with malicious intentions or with the intention of obtaining profits, or even the possibility of accessing them by accident, for this reason COMFATOLIMA must secure your information of cyber criminals, criminal or illegal activities. According to the above, the project focuses on determining or doing risk analysis to one of the most important processes of the organization such as the technological management process, and that it is a support process since the information of the organization can be process or evaluate data in transit, for that reason the integrity of the data is possible. On the other hand, the scope of the project was limited only to the risk analysis of the swichts and routers of the equipment room located in the main rack of the Local Area Network. When performing the risk analysis to the aforementioned devices, it will be possible to determine the risks that may be generated, the impact that would cause COMFATOLIMA if a threat or weakness were to crystallize by a computer criminal. The result of the risk analysis is to leave COMFATOLIMA a report of the conformities and nonconformities in accordance with the ISO / IEC27002 -2013 and ISO / IEC 31000 standards so that from this report, if so desired, COMFATOLIMA should proceed, FIRST : make the implementation of controls to counteract attacks and strengthen weaknesses. SECOND manage and treat risks by whoever corresponds in the IT management department.