Metodología Ágil para la Gestión de Riesgos Informáticos

Franklin Mauricio Arevalo Moscoso; Irene Priscila Cedillo Orellana; Santiago Arturo Moscoso Bernal; Franklin Mauricio Arevalo Moscoso; Franklin Mauricio Arevalo Moscoso

doi:10.26871/killkana_tecnica.v1i2.81

Metodología Ágil para la Gestión de Riesgos Informáticos

Franklin Mauricio Arevalo Moscoso, Irene Priscila Cedillo Orellana, Santiago Arturo Moscoso Bernal, Franklin Mauricio Arevalo Moscoso (Primer Autor), Franklin Mauricio Arevalo Moscoso (Autor de Correspondencia)

Producción científica: Contribución a una revista › Artículo › revisión exhaustiva

Resumen

This article presents a comprehensive methodology for IT risk management based on globally accepted standards suchas ISO 31000 and ISO / IEC 27005, which states the requirements for an adequate risk management; however, they donot indicate, at least in a clear manner, the way in which such management can be carried out. Recommendations andgood practices from other international risk management standards and guidelines are therefore included. Its validity isverified through the application of the proposed methodology in an industrial food company; Furthermore, the work teamthat applied the methodology had at its disposal the suggested tools that helped to technically assess the risks accordingto their occurrence probability, their consequences, and safety dimensions affected.

Idioma original	Español
Publicación	Revista Killkana Técnica
DOI	https://doi.org/10.26871/killkana_tecnica.v1i2.81
Estado	Publicada - 2017
Publicado de forma externa	Sí

Palabras clave

Seguridad de la información; Análisis de riesgos; Gestión de riesgos; ISO 31000; ISO 27005

ODS de las Naciones Unidas

Este resultado contribuye a los siguientes Objetivos de Desarrollo Sostenible

Acceder al documento

10.26871/killkana_tecnica.v1i2.81

Otros archivos y enlaces

https://killkana.ucacue.edu.ec/index.php/killkana_tecnico/article/view/81

Citar esto

@article{fad619c373b347039604c3660cd703ce,

title = "Metodolog{\'i}a {\'A}gil para la Gesti{\'o}n de Riesgos Inform{\'a}ticos",

abstract = "This article presents a comprehensive methodology for IT risk management based on globally accepted standards suchas ISO 31000 and ISO / IEC 27005, which states the requirements for an adequate risk management; however, they donot indicate, at least in a clear manner, the way in which such management can be carried out. Recommendations andgood practices from other international risk management standards and guidelines are therefore included. Its validity isverified through the application of the proposed methodology in an industrial food company; Furthermore, the work teamthat applied the methodology had at its disposal the suggested tools that helped to technically assess the risks accordingto their occurrence probability, their consequences, and safety dimensions affected.",

keywords = "Seguridad de la informaci{\'o}n; An{\'a}lisis de riesgos; Gesti{\'o}n de riesgos; ISO 31000; ISO 27005, Seguridad de la informaci{\'o}n; An{\'a}lisis de riesgos; Gesti{\'o}n de riesgos; ISO 31000; ISO 27005",

author = "\{Arevalo Moscoso\}, \{Franklin Mauricio\} and \{Cedillo Orellana\}, \{Irene Priscila\} and \{Moscoso Bernal\}, \{Santiago Arturo\} and \{Arevalo Moscoso\}, \{Franklin Mauricio\} and \{Arevalo Moscoso\}, \{Franklin Mauricio\}",

year = "2017",

doi = "10.26871/killkana\_tecnica.v1i2.81",

language = "Espa{\~n}ol",

journal = "Revista Killkana T{\'e}cnica",

}

TY - JOUR

T1 - Metodología Ágil para la Gestión de Riesgos Informáticos

AU - Arevalo Moscoso, Franklin Mauricio

AU - Cedillo Orellana, Irene Priscila

AU - Moscoso Bernal, Santiago Arturo

AU - Arevalo Moscoso, Franklin Mauricio

PY - 2017

Y1 - 2017

N2 - This article presents a comprehensive methodology for IT risk management based on globally accepted standards suchas ISO 31000 and ISO / IEC 27005, which states the requirements for an adequate risk management; however, they donot indicate, at least in a clear manner, the way in which such management can be carried out. Recommendations andgood practices from other international risk management standards and guidelines are therefore included. Its validity isverified through the application of the proposed methodology in an industrial food company; Furthermore, the work teamthat applied the methodology had at its disposal the suggested tools that helped to technically assess the risks accordingto their occurrence probability, their consequences, and safety dimensions affected.

AB - This article presents a comprehensive methodology for IT risk management based on globally accepted standards suchas ISO 31000 and ISO / IEC 27005, which states the requirements for an adequate risk management; however, they donot indicate, at least in a clear manner, the way in which such management can be carried out. Recommendations andgood practices from other international risk management standards and guidelines are therefore included. Its validity isverified through the application of the proposed methodology in an industrial food company; Furthermore, the work teamthat applied the methodology had at its disposal the suggested tools that helped to technically assess the risks accordingto their occurrence probability, their consequences, and safety dimensions affected.

KW - Seguridad de la información; Análisis de riesgos; Gestión de riesgos; ISO 31000; ISO 27005

UR - https://killkana.ucacue.edu.ec/index.php/killkana_tecnico/article/view/81

U2 - 10.26871/killkana_tecnica.v1i2.81

DO - 10.26871/killkana_tecnica.v1i2.81

M3 - Artículo

JO - Revista Killkana Técnica

JF - Revista Killkana Técnica

ER -