Guía para realizar una Auditoría al Sistemas de Gestión de Seguridad de la Información desarrollada bajo la NTC-ISO/IEC 27001:2013
Loading...
Share
Date
2023-05-27
Authors
Director(s)
Publisher
Universidad Antonio Nariño
Campus
Degree obtained
Document type
Tesis/Trabajo de grado - Monografía - Especialización
COAR type
http://purl.org/coar/resource_type/c_46ec
Citation
Bibliographic Managers
Document Viewer
Select a file to preview:
item.page.resume
Abstract
An Information Security Management System (ISMS) is crucial for protecting an organization's information assets. To effectively implement it, risks must be identified and evaluated, appropriate policies and procedures established, and clear responsibilities assigned.The NTC-ISO/IEC 27001 (ICONTEC, 2013), COBIT5, or MAGERIT standards can be employed for its implementation. The audit of the ISMS, based on ISO/IEC 27007 (ISO, 2020), assesses compliance and effectiveness through documentation review, interviews, and technical
testing.