Examinando por Autor "Muñoz Muñoz, Juan Fernando"
Mostrando 1 - 1 de 1
Resultados por página
Opciones de ordenación
- ÍtemAcceso AbiertoDesarrollo de software de análisis de riesgos y gestión de seguridad basado en ISO 27001, Cañar- Ecuador.(Universidad Catolica de Cuenca extension Cañar, 2021-11-16) Muñoz Muñoz, Juan Fernando; Flores Urgiles, Cristian Humberto; 030271231-0Abstract The present paper involves the development of software for the security risk analyses, which allows defining the necessary controls to compile with all protective requirements of an organization`s essets. In order to develop this research project, a software-development methodology was defined, in accordance with the project`s necessities. Once the methodology was defined. A software that allows the use of the MAGERIT methodology was designed and developed, to effectively and efficiently analyze the risks, showing the norm ISO/IEC27001 controls, such system allows to conduct an informatics-risk analysis thru the essessment of assets, impact, probability, identifying the threat index and the risk level of the assets. Finally, the software was tested by entering the essets, and providing it with the respective mark, some threats to such assets were identified,the impact and probability were marked to obtain the risk level, if the level is high, the necessary controls are presented for each threat to mitigate the risk. Keywords: MAGERIT, risk management, controls, ISO/IEC27001