Metodología Ágil para la Gestión de Riesgos Informáticos

Franklin Mauricio Arevalo Moscoso; Irene Priscila Cedillo Orellana; Santiago Arturo Moscoso Bernal

doi:10.26871/killkana_tecnica.v1i2.81

Metodología Ágil para la Gestión de Riesgos Informáticos

Franklin Mauricio Arevalo Moscoso (First Author)
, Irene Priscila Cedillo Orellana
, Santiago Arturo Moscoso Bernal

Research output: Contribution to journal › Article › peer-review

Abstract

This article presents a comprehensive methodology for IT risk management based on globally accepted standards suchas ISO 31000 and ISO / IEC 27005, which states the requirements for an adequate risk management; however, they donot indicate, at least in a clear manner, the way in which such management can be carried out. Recommendations andgood practices from other international risk management standards and guidelines are therefore included. Its validity isverified through the application of the proposed methodology in an industrial food company; Furthermore, the work teamthat applied the methodology had at its disposal the suggested tools that helped to technically assess the risks accordingto their occurrence probability, their consequences, and safety dimensions affected.

Original language	Spanish
Journal	Revista Killkana Técnica
DOIs	https://doi.org/10.26871/killkana_tecnica.v1i2.81
State	Published - 2017
Externally published	Yes

UN SDGs

This output contributes to the following UN Sustainable Development Goals (SDGs)

SDG 7 Affordable and Clean Energy
SDG 9 Industry, Innovation, and Infrastructure
SDG 12 Responsible Consumption and Production

Keywords

Seguridad de la información; Análisis de riesgos; Gestión de riesgos; ISO 31000; ISO 27005

Access to Document

10.26871/killkana_tecnica.v1i2.81

Cite this

@article{fad619c373b347039604c3660cd703ce,

title = "Metodolog{\'i}a {\'A}gil para la Gesti{\'o}n de Riesgos Inform{\'a}ticos",

abstract = "This article presents a comprehensive methodology for IT risk management based on globally accepted standards suchas ISO 31000 and ISO / IEC 27005, which states the requirements for an adequate risk management; however, they donot indicate, at least in a clear manner, the way in which such management can be carried out. Recommendations andgood practices from other international risk management standards and guidelines are therefore included. Its validity isverified through the application of the proposed methodology in an industrial food company; Furthermore, the work teamthat applied the methodology had at its disposal the suggested tools that helped to technically assess the risks accordingto their occurrence probability, their consequences, and safety dimensions affected.",

keywords = "Seguridad de la informaci{\'o}n; An{\'a}lisis de riesgos; Gesti{\'o}n de riesgos; ISO 31000; ISO 27005, Seguridad de la informaci{\'o}n; An{\'a}lisis de riesgos; Gesti{\'o}n de riesgos; ISO 31000; ISO 27005",

author = "\{Arevalo Moscoso\}, \{Franklin Mauricio\} and \{Cedillo Orellana\}, \{Irene Priscila\} and \{Moscoso Bernal\}, \{Santiago Arturo\}",

year = "2017",

doi = "10.26871/killkana\_tecnica.v1i2.81",

language = "Espa{\~n}ol",

journal = "Revista Killkana T{\'e}cnica",

}

TY - JOUR

T1 - Metodología Ágil para la Gestión de Riesgos Informáticos

AU - Arevalo Moscoso, Franklin Mauricio

AU - Cedillo Orellana, Irene Priscila

AU - Moscoso Bernal, Santiago Arturo

PY - 2017

Y1 - 2017

N2 - This article presents a comprehensive methodology for IT risk management based on globally accepted standards suchas ISO 31000 and ISO / IEC 27005, which states the requirements for an adequate risk management; however, they donot indicate, at least in a clear manner, the way in which such management can be carried out. Recommendations andgood practices from other international risk management standards and guidelines are therefore included. Its validity isverified through the application of the proposed methodology in an industrial food company; Furthermore, the work teamthat applied the methodology had at its disposal the suggested tools that helped to technically assess the risks accordingto their occurrence probability, their consequences, and safety dimensions affected.

AB - This article presents a comprehensive methodology for IT risk management based on globally accepted standards suchas ISO 31000 and ISO / IEC 27005, which states the requirements for an adequate risk management; however, they donot indicate, at least in a clear manner, the way in which such management can be carried out. Recommendations andgood practices from other international risk management standards and guidelines are therefore included. Its validity isverified through the application of the proposed methodology in an industrial food company; Furthermore, the work teamthat applied the methodology had at its disposal the suggested tools that helped to technically assess the risks accordingto their occurrence probability, their consequences, and safety dimensions affected.

KW - Seguridad de la información; Análisis de riesgos; Gestión de riesgos; ISO 31000; ISO 27005

UR - https://revistas.unae.edu.ec/index.php/runae/article/view/705

U2 - 10.26871/killkana_tecnica.v1i2.81

DO - 10.26871/killkana_tecnica.v1i2.81

M3 - Artículo

JO - Revista Killkana Técnica

JF - Revista Killkana Técnica

ER -

Metodología Ágil para la Gestión de Riesgos Informáticos

Abstract

UN SDGs

Keywords

Access to Document

Other files and links

Cite this