Metodología Ágil para la Gestión de Riesgos Informáticos

Franklin Mauricio Arevalo Moscoso; Irene Priscila Cedillo Orellana; Santiago Arturo Moscoso Bernal

doi:10.26871/killkana_tecnica.v1i2.81

Metodología Ágil para la Gestión de Riesgos Informáticos

Franklin Mauricio Arevalo Moscoso (Primer Autor)
, Irene Priscila Cedillo Orellana
, Santiago Arturo Moscoso Bernal

Facultad de Ingeniería, Universidad de Cuenca
Universidad Católica de Cuenca
UCuenca

Producción científica: Contribución a una revista › Artículo › revisión exhaustiva

Resumen

This article presents a comprehensive methodology for IT risk management based on globally accepted standards suchas ISO 31000 and ISO / IEC 27005, which states the requirements for an adequate risk management; however, they donot indicate, at least in a clear manner, the way in which such management can be carried out. Recommendations andgood practices from other international risk management standards and guidelines are therefore included. Its validity isverified through the application of the proposed methodology in an industrial food company; Furthermore, the work teamthat applied the methodology had at its disposal the suggested tools that helped to technically assess the risks accordingto their occurrence probability, their consequences, and safety dimensions affected.

Idioma original	Español
Publicación	Revista Killkana Técnica
DOI	https://doi.org/10.26871/killkana_tecnica.v1i2.81
Estado	Publicada - 2017
Publicado de forma externa	Sí

ODS de las Naciones Unidas

Este resultado contribuye a los siguientes Objetivos de Desarrollo Sostenible

ODS 7: Energía asequible y no contaminante
ODS 9: Industria, innovación e infraestructura
ODS 12: Producción y consumo responsables

Palabras clave

Seguridad de la información; Análisis de riesgos; Gestión de riesgos; ISO 31000; ISO 27005

Acceder al documento

10.26871/killkana_tecnica.v1i2.81

Otros archivos y enlaces

Other Link

Citar esto

@article{fad619c373b347039604c3660cd703ce,

title = "Metodolog{\'i}a {\'A}gil para la Gesti{\'o}n de Riesgos Inform{\'a}ticos",

abstract = "This article presents a comprehensive methodology for IT risk management based on globally accepted standards suchas ISO 31000 and ISO / IEC 27005, which states the requirements for an adequate risk management; however, they donot indicate, at least in a clear manner, the way in which such management can be carried out. Recommendations andgood practices from other international risk management standards and guidelines are therefore included. Its validity isverified through the application of the proposed methodology in an industrial food company; Furthermore, the work teamthat applied the methodology had at its disposal the suggested tools that helped to technically assess the risks accordingto their occurrence probability, their consequences, and safety dimensions affected.",

keywords = "Seguridad de la informaci{\'o}n; An{\'a}lisis de riesgos; Gesti{\'o}n de riesgos; ISO 31000; ISO 27005, Seguridad de la informaci{\'o}n; An{\'a}lisis de riesgos; Gesti{\'o}n de riesgos; ISO 31000; ISO 27005",

author = "\{Arevalo Moscoso\}, \{Franklin Mauricio\} and \{Cedillo Orellana\}, \{Irene Priscila\} and \{Moscoso Bernal\}, \{Santiago Arturo\}",

year = "2017",

doi = "10.26871/killkana\_tecnica.v1i2.81",

language = "Espa{\~n}ol",

journal = "Revista Killkana T{\'e}cnica",

}

TY - JOUR

T1 - Metodología Ágil para la Gestión de Riesgos Informáticos

AU - Arevalo Moscoso, Franklin Mauricio

AU - Cedillo Orellana, Irene Priscila

AU - Moscoso Bernal, Santiago Arturo

PY - 2017

Y1 - 2017

N2 - This article presents a comprehensive methodology for IT risk management based on globally accepted standards suchas ISO 31000 and ISO / IEC 27005, which states the requirements for an adequate risk management; however, they donot indicate, at least in a clear manner, the way in which such management can be carried out. Recommendations andgood practices from other international risk management standards and guidelines are therefore included. Its validity isverified through the application of the proposed methodology in an industrial food company; Furthermore, the work teamthat applied the methodology had at its disposal the suggested tools that helped to technically assess the risks accordingto their occurrence probability, their consequences, and safety dimensions affected.

AB - This article presents a comprehensive methodology for IT risk management based on globally accepted standards suchas ISO 31000 and ISO / IEC 27005, which states the requirements for an adequate risk management; however, they donot indicate, at least in a clear manner, the way in which such management can be carried out. Recommendations andgood practices from other international risk management standards and guidelines are therefore included. Its validity isverified through the application of the proposed methodology in an industrial food company; Furthermore, the work teamthat applied the methodology had at its disposal the suggested tools that helped to technically assess the risks accordingto their occurrence probability, their consequences, and safety dimensions affected.

KW - Seguridad de la información; Análisis de riesgos; Gestión de riesgos; ISO 31000; ISO 27005

UR - https://revistas.unae.edu.ec/index.php/runae/article/view/705

U2 - 10.26871/killkana_tecnica.v1i2.81

DO - 10.26871/killkana_tecnica.v1i2.81

M3 - Artículo

JO - Revista Killkana Técnica

JF - Revista Killkana Técnica

ER -