Rol del auditor en la evaluación del cumplimiento de las políticas de seguridad de la información

Thumbnail Image
Files
2020_LydaFabiolaCastroPinzon.pdf (795.97 KB)
Share
Date
2020-11-30
Authors
Castro Pinzón, Lyda Fabiola
Director(s)
Arenas Correa, Hernán Darío
Publisher
Universidad Antonio Nariño
Campus
Bogotá - Sur
Faculty
Facultad de Ciencias Económicas y Administrativas
Program
Especialización en Auditoría de Sistemas (Virtual)
Degree obtained
Especialista en Auditoría de Sistemas
Document type
COAR type
http://purl.org/coar/resource_type/c_7a1f
Citation
Bibliographic Managers
Zotero
BibTex
CSV
EndNote
Document Viewer
Select a file to preview:
item.page.resume
Propia
Abstract
The evaluation of security policies is a rigorous and methodical process, where the auditor's mission is to verify the mechanisms that have been implemented in organizations to comply with them. Policies are defined as the standards that must be met by the actors who participate in organizations and who make use of the information. Non-compliance with policies can cause loss of data assets and reputational damage, which can sometimes compromise organizational objectives. The role of the auditor in evaluating compliance with security policies should be focused on finding security weaknesses and evaluating the risk management carried out by the organization, supported by auditing techniques and tools that allow him to obtain the necessary evidence to issue a concept on compliance with policies, updating them and the management carried out to the risks of the organization.
Keywords
Políticas, seguridad informática, riesgos, evaluación, auditoría
item.page.subject.keyword
Policies, IT security, risks, evaluation, audit
item.page.coverage.spatial
item.page.coverage.temporal
URI
http://repositorio.uan.edu.co/handle/123456789/2839
Collections
Especialización en Auditoria de sistemas