Sistema de gestión para la seguridad de lanformación basado en metodología de identificación y análisis de riesgo en la Biblioteca de la Universidad de la Costa
Abstract
The purpose of this research is to develop an information management system based on the identification and risk analysis methodology for the processes at the Universidad de la Costa library, according to the characteristics of the study. applied, retrospective, cross-sectional, descriptive and documentary type, since it aims to solve a problem or need, where part of the information was obtained before starting the study and during the course of the research, guaranteeing good compliance with the processes according to are established in the regulations of the methodology, and assurance of the information of the library users, through the adaptation of the ISO / IEC 27001: 2013 standard. With regard to the methodology associated with safety and risk, OCTAVE, NIST 800-30, MARGARIT were applied, establishing the standardization of the processes in the library of the Universidad de la Costa
Collections