Guía para realizar una Auditoría al Sistemas de Gestión de Seguridad de la Información desarrollada bajo la NTC-ISO/IEC 27001:2013

Guía para realizar una Auditoría al Sistemas de Gestión de Seguridad de la Información desarrollada bajo la NTC-ISO/IEC 27001:2013

An Information Security Management System (ISMS) is crucial for protecting an organization's information assets. To effectively implement it, risks must be identified and evaluated, appropriate policies and procedures established, and clear responsibilities assigned.The NTC-ISO/IEC 27001 (ICONT...

Full description

Saved in:
Bibliographic Details
Main Author: Guzmán Díaz, Jorge Mario
Other Authors: Mayorga Galarza, Mario Fernando
Format: Trabajo de grado (Pregrado y/o Especialización)
Language:spa
Published: Universidad Antonio Nariño 2023
Subjects:
Sistema de Gestión
Seguridad
Información
activos de información
controles de seguridad
657
7.23 G993g
Information Security
Management System
information
information security
controls
Online Access:http://repositorio.uan.edu.co/handle/123456789/8175
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:An Information Security Management System (ISMS) is crucial for protecting an organization's information assets. To effectively implement it, risks must be identified and evaluated, appropriate policies and procedures established, and clear responsibilities assigned.The NTC-ISO/IEC 27001 (ICONTEC, 2013), COBIT5, or MAGERIT standards can be employed for its implementation. The audit of the ISMS, based on ISO/IEC 27007 (ISO, 2020), assesses compliance and effectiveness through documentation review, interviews, and technical testing.
  • Editorial
  • CRAI
  • Repositorio
  • Libros