Implantación de auditorías internas para la preservación, corrección y mantenimiento del SGSI de la FACCI.

Abstract

The decision of an institution to give adequate treatment to the risks associated with the security of its information through the implementation of an Information Security Management System (ISMS), based on the analysis of the nature of the institution, the scope where the needs of the faculty, its teachers and students are developed and produced. The work must be arduous in the implementation of the ISMS and even more in the start-up and maintenance. This research work will support the Faculty of Computer Science (FACCI) in the verification part, which will assess the situational status of your ISMS, developing a work plan of the internal audit to the information security system for the strategically chosen process, verifying the implementation and operation of the controls according to Annex A of ISO / IEC 27001: 2005, documenting findings, differentiating major, minor and major improvement nonconformities, also issuing a report of findings to present it to senior management, thus supporting the development of the action plan to be executed for the closure of observations. It will also support the transition to raise awareness throughout the FACCI so that it accepts this new challenge and is fully committed to the role it has to assume.