Publicación: Análisis de riesgos y vulnerabilidades al área de TI de la empresa Fundación el Alcaraván bajo la Norma ISO 27001:2013
Portada
Citas bibliográficas
Código QR
Director
Autor corporativo
Recolector de datos
Otros/Desconocido
Director audiovisual
Editor/Compilador
Filiación Institucional
Tipo de Material
Fecha
Cita bibliográfica
Título de serie/ reporte/ volumen/ colección
Es Parte de
Resumen
As part of the Information Security Management System, it is necessary for the company to carry out adequate risk management that allows it to know which are the main vulnerabilities of its information assets and which are the possible ones to exploit the vulnerabilities. To the extent that the company is clear about this risk identification, it will be able to establish viable preventive and corrective measures that guarantee higher levels of security in your information. (Anonimo, 2012) Is project allows to carry out a Risk and Vulnerability Analysis of the Technological Infrastructure of the El Alcaraván Foundation, using MAGERIT methodologies and the ISO / IEC 27001: 2013 standard, in order to determine if there is a safe environment for the systems and services. offered by the foundation, as well as technological risk mitigation plans. The MAGERIT methodology chosen for this project begins with the identification of risks, which is divided into identification of assets or access points and identification and search for vulnerabilities, the latter is the phase of security testing tests, which are carried out. identify the vulnerabilities present in each of the evaluation entities defined by the methodology; then the risk analysis is performed, in the second instance the risk assessment and assessment, finally the technical impact and business impact analysis is carried out. All this in turn supported by the ISO / IEC 27001: 2013 standard that provides us with information security controls