Publicación: Diseño de un sistema de gestión de seguridad de la información mediante la aplicación de la norma internacional iso/iec 27001:2013 en la Constructora Roa Leiva s.a.s. De la ciudad de Neiva.
Portada
Citas bibliográficas
Código QR
Director
Autor corporativo
Recolector de datos
Otros/Desconocido
Director audiovisual
Editor/Compilador
Editores
Tipo de Material
Fecha
Cita bibliográfica
Título de serie/ reporte/ volumen/ colección
Es Parte de
Resumen
This writing includes the proposal for the design of an Information Security Management System through the application of the international standard ISO/IEC 27001:2013 for the Systems and Telecommunications office of Constructora Roa Leiva SAS, located in the city from Neiva (H). The realization of this project contributes methodologically to the increase of the efficiency in the internal processes, watching over the computer assets and the security of the information of the construction company, so that, through planning, it is sought to thoroughly investigate the experiences found in other projects, to adapt a practical and adequate system to the needs of the same. To start, a collection of related bibliographic information was carried out, which contributes significantly to the content of the current writing, through a mixed approach, based on a historical - explanatory investigation, which has allowed us to respond to the need to implement a System of Information Security Management through the application of the international standard ISO/IEC 27001:2013. This proposal proposes an analysis of the current situation according to the domains and control objectives of the ISO/IEC 27001:2013 standard, identifying the assets and resources that must be protected and that affect the critical activities of the institution under a methodology of systematic evaluation. On the other hand, it proposes the determination of the risks that arise with the information handled in the company, which will allow a subsequent formulation of mitigation plans according to the shortcomings found. Given the above, the use of technological and development tools that allow the management of processes that guarantee information security is recommended.