Extensión Cañar - Ingeniería de Sistemas
URI permanente para esta colección
Examinar
Examinando Extensión Cañar - Ingeniería de Sistemas por Asesores "Flores Urgiles, Cristhian Humberto"
Mostrando 1 - 9 de 9
Resultados por página
Opciones de ordenación
- ÍtemAcceso AbiertoAnálisis del nivel de cumplimiento de las políticas de seguridad de la información de los Gad’s cantonales Cañar, El Tambo y Suscal(Universidad Católica de Cuenca campus Cañar, 2023) Zhao Yuquipa, Claudio Xavier; Flores Urgiles, Cristhian Humberto; 0302602222The purpose of this research is to assess the extent to which information security policies are implemented in the Cantonal GADs (Decentralized Autonomous Governments) of Cañar. The focus of this study is quantitative, descriptive, and explanatory. For the evaluation, the ISO 27001:2013 standard and the ISO 27002 best practices guide are applied, allowing the assessment of each domain and control objective. The theoretical framework is established through the analysis of documents related to the Information Security Management System (ISMS), ISO 27000, the Data Protection Law, the computer security regulations for public entities in Ecuador, and the information security guidelines issued by regulatory entities.To understand the current condition of the GAD's, an investigation was carried out through a survey of administrators in the information technology departments, obtaining the following results: 2 domains with high risk, 10 with medium risk, and 2 with low risk. Keywords: ISO, SGSI, GAD's, Data, Domains.
- ÍtemAcceso AbiertoAnalítica descriptiva para la comprensión del estado actual del fenómeno delincuencial en el Ecuador(Universidad Católica de Cuenca campus Cañar, 2023) Yupa Morocho, Alex Juan; Flores Urgiles, Cristhian Humberto; 0350031035This study carries out a practical application of data analysis techniques to generate intelligence that supports informed decision-making on public safety and crime prevention in Ecuador. The stated objectives were: a) To conduct a theoretical study on descriptive analytics and its related concepts, b) To analyze the INEC database related to crime in Ecuador, c) To develop descriptive analytics models that allow the analysis of the crime phenomenon in Ecuador. The study applies the agile MAMBO methodology for the analytical processing of a dataset on arrests and police apprehensions in Ecuador. It uses 79,609 records with 23 fields covering demographic, geographic, and types of crime information. The inductive approach enables insights generation from the data to support decision-making in citizen security. Techniques include descriptive statistics, data visualization, ARIMA time series modeling, and aggregation algorithms. Data cleaning, integration, and transformation are applied; then, dashboards with indicators about the demographic profile of offenders, geographic comparisons, temporal evolution, and patterns by hours are generated. The results reveal a predominance of young repeat male offenders. Guayas, Pichincha, and Manabí have the highest criminal activity, identifying crime peaks during nighttime. A trend forecasting model is also constructed, suggesting stability with slight fluctuations. Thus, the study demonstrates the value of Big Data analytics in comprehensively characterizing the crime phenomenon Keywords: descriptive analytics, crime, MAMBO.
- ÍtemAcceso AbiertoDiagnóstivo y línea base de los activos de la información e infraestructura crítica para la gestión de ciber seguridad del estado ecuatoriano, utilizando CSF NIST(Universidad Católica de Cuenca campus Cañar, 2023) Criollo Neira, Evelin Giomara; Flores Urgiles, Cristhian Humberto; 0302420815This study provides a comprehensive overview of the current state of cybersecurity in the country, clearly identifying its strengths, weaknesses, and areas for improvement. It offers a valuable baseline for future evaluations and for informing the development of strategies in this area. To this end, the following objectives were achieved: a) Conduct a diagnosis and establish a baseline of Ecuador's state cybersecurity information assets and critical infrastructure, b) Collect information on Ecuador's critical cybersecurity information assets and infrastructure, c) Conduct a thorough assessment of the current situation of identified information assets and critical infrastructures. A qualitative approach has been used through a literature review to establish the context and current situation. Ecuador's critical infrastructure has been classified into 7 sectors: water, electricity, health, military, telecommunications, oil, and gas. The study also evaluates Ecuador's cybersecurity maturity using the CMM model, mainly placing it in the initial stages of "formative" and "implemented. Keywords: critical infrastructures, baseline, information assets, cybersecurity
- ÍtemAcceso AbiertoDiseño de un plan de continuidad de negocio para la Cooperativa de ahorro y crédito Achik Inti Ltda(Universidad Católica de Cuenca campus Cañar, 2023) Loja Mayancela, Angelica Maria; Flores Urgiles, Cristhian Humberto; 0350164018Regardless of its field of operation, every organization is subject to calamities or incidents that could disrupt its normal operations. To avoid these problems, it is crucial to establish business continuity plans that enable it to act and resume business operations after incidents or emergencies. Within this framework, the present investigation proposes an elaboration of a "Business Continuity Plan (BCP) for the Achik Inti Savings and Credit Cooperative" with a technical and strategic approach to ensure the operational continuity and resilience of the organization. The study’s first and second chapters analyze the existing literature on business continuity planning, best practices in the credit union industry, and international standards in this field. The third chapter contains a detailed analysis of Savings and Credit Cooperative “Achik Inti Ltda.,” its daily operations, infrastructure, staff, financial services, and the risks associated with each aspect. It also includes the selection of the ISO 22301 standard for the preparation of the BCP and the MAGERIT methodology for risk analysis and management. The business continuity plan is developed in the fourth chapter of the investigation. This includes identifying critical business functions, the resources needed to maintain them, and strategies to recover them after an outage. Keywords: Business Continuity Plan, Savings and Credit Cooperative, ISO 22301 Standard, MAGERIT Methodology, BCP.
- ÍtemAcceso AbiertoGestión de servicios de TI usando las prácticas de ITIL V4 para la empresa Millenium Connection(Universidad Católica de Cuenca campus Cañar, 2023) Yupa Yupa, Edwin Alfredo; Flores Urgiles, Cristhian Humberto; 0302856802The research paper entitled " Gestión de Servicios de TI usando las prácticas de ITIL V4 para la Empresa Millenium Connection" [IT Service Management using the ITIL V4 practices for the Millenium Connection Company] focuses on the growing importance of Information Technology (IT) management in modern organizations. Initially, it highlights how IT management —at one time considered relevant only for large companies— has become essential for all-sized organizations nowadays. The main objective of the project is to develop an IT service management model based on the best practices of ITIL V4, specifically for the ‘Millenium Connection’ company. Throughout the work, topics addressed include theoretical framework, IT strategic planning, research methodology, and the design of an interview. Moreover, a service management proposal based on ITIL 4 adapted to the company’s needs is presented. This project aims to provide the company with a solid base to optimize its IT services, improve operational efficiency and customer satisfaction, and maintain competitiveness in a business environment propelled by constantly changing technology. Keywords: ITIL, IT, service management, management model.
- ÍtemAcceso AbiertoMetodología Steam como herramienta para mejorar el pensamiento lógico y matemático en estudiantes de séptimo año EGB de la UECIB Suscal(Universidad Católica de Cuenca campus Cañar, Enfermería, 2023) Angamarca Andrade , Erik Israel; Flores Urgiles, Cristhian Humberto; 0302169941The purpose of this research is to determine the feasibility of improving logical-mathematical reasoning in children from seventh grade EGB of UECIB "Suscal" through the implementation of the STEAM methodology in the classroom. A mixed research approach with a descriptive emphasis was adopted. For the evaluation, the STEAM methodology was used, which integrates various disciplines and enhances critical thinking and creativity. The Wechsler Intelligence Test (WISC) was also used, focusing on the "Matrix Design" subtest that measures non-verbal reasoning, essential for children's academic and social development. The theoretical foundation specifically addressed topics related to computational thinking, logical-mathematical reasoning, and methodologies, etc. To determine the effectiveness of implementing this method, a course was conducted using technological tools like Scratch as the essential element of the STEAM method, which helped strengthen logical-mathematical thinking through practical activities. The most notable finding was a moderate increase in logical reasoning and perceptual skills, achieving a higher average than the initial evaluation. Keywords: STEAM, SCRATCH, Wechsler (WISC), UECIB
- ÍtemAcceso AbiertoPropuesta de manual de política de seguridad de la información para la Cooperativa de Ahorro y Crédito Achik Inti Ltda, del cantón Cañar(Universidad Católica de Cuenca campus Cañar, 2023) Bermejo Pichasaca, Segundo Francisco; Flores Urgiles, Cristhian Humberto; 0350152690Achik Inti Savings and Credit Cooperative has played a key role in providing financial solutions throughout the Cañar canton and has proactively adapted to emerging competencies and the implementation of innovative projects. However, the lack of IT security protocols in the entity poses challenges, making it susceptible to unauthorized interventions. This project is oriented to the elaboration of an "IT SECURITY STANDARDS SCHEME FOR THE COOPERATIVE OF SAVINGS AND CREDIT ACHIK INTI LTDA, IN THE CANTON CAÑAR". To strengthen the structure of this research, the guidelines of ISO 27001:2013 and the recommendations of ISO 27002 were used. These frameworks were used to define and implement measures to ensure the confidentiality of information. A threat assessment was carried out using the MAGERIT methodology, which made it possible to detect and assess the assets in the Information and Communication Technologies (ICT) department. After this assessment, the technological risks associated with vulnerabilities were identified and the necessary controls to mitigate them were determined. Keywords: technological risks, MAGERIT, ICT, ISO 27001
- ÍtemAcceso AbiertoPropuesta de un modelo de Gobierno de TI para la gestión estratégica de las cooperativas de ahorro y crédito del cantón Cañar, basado en Cobit 5(Universidad Católica de Cuenca campus Cañar, 2023) Lema Mullo, Johnson Neptali; Flores Urgiles, Cristhian Humberto; 0606223824The entitled thesis "PROPOSAL OF AN IT GOVERNANCE MODEL FOR THE STRATEGIC MANAGEMENT OF THE SAVINGS AND CREDIT COOPERATIVES OF CAÑAR CANTON, BASED ON COBIT 5" focuses on the need to establish an IT governance model for the savings and credit cooperatives of Cañar Canton. For this purpose, it focuses on meeting three key objectives: A) To conduct an exhaustive technical study on the domains, processes, and application of the COBIT 5 reference framework in the area of IT governance. COBIT 5 is an international framework of best practices used to manage and govern information technology effectively and aligned with the strategic objectives of an organization. B) To analyze the current state of the crucial business processes related to the IT department in financial institutions. This analysis made it possible to identify areas for improvement and existing gaps in IT management in these cooperatives. C) To build an IT governance model based on COBIT 5 specifically designed for financial institutions. The proposed COBIT 5-based IT governance model provides the necessary tools to achieve this improvement, and ensure adequate control of technical resources, operational efficiency and adaptability to change, all concerning international standards of good IT practices. Keywords: COBIT 5, IT governance, strategic management.
- ÍtemAcceso AbiertoPropuesta de un modelo de madurez de ciberseguridad para Ecuador(Universidad Católica de Cuenca campus Cañar, 2023) Verdugo Crespo, Gerson Leonardo; Flores Urgiles, Cristhian Humberto; 0303016851ABSTRACT The purpose of this article is to propose a cybersecurity maturity model adapted to the needs and characteristics of Ecuador, which will allow the evaluation and improvement of cybersecurity capacity in organizations, government agencies and critical infrastructures in the country. The Model is called Cybersecurity Maturity Model of Ecuador (CMME), and the main objectives are; Develop a cybersecurity maturity model, with a proposal for the Ecuadorian State, determining its domains, maturity levels, functions and categories based on recognized standards and reference frameworks, which when applied allows establishing and evaluating cybersecurity in the country , a survey of documentary information will be carried out on the models and reference frameworks that will allow establishing the steps that must be followed for its preparation. In addition to developing a reference framework for future projects on cybersecurity maturity models for nations. To propose the following model, the ISO 27001 standard and three fundamental cybersecurity frameworks were studied, such as: CMM (Cybersecurity Capacity Maturity Model for Nations), C2M2 (Cybersecurity Capacity Maturity Model for Organizations), and NIST CSF (National Institute of Standards). and Technology) (Cybersecurity Framework), to which two types of comparative analysis were carried out to obtain the phases presented below, and evaluation of cybersecurity capabilities in Ecuador. Following the phases proposed in this article, it was possible to develop three of the six planned, which are: Analysis of the Ecuadorian Context, Definition of Objectives and Development of the Model, the three missing ones were not developed since being a proposal it cannot be test, implement, evaluate and therefore improve. In conclusion, it was possible to develop a cybersecurity maturity model, with its domains and subdomains, establish the maturity levels, functions and category that will serve as a reference when evaluating Ecuador's cybersecurity capacity, in addition to serving as a guide for the development of other cybersecurity frameworks for nations. KEYWORDS Cybersecurity, Maturity Model, Ecuador, Technology, CMM, C2M2, NIST CSF.