A proposal for the management of the information security applied to a Colombian public entity
Information is considered today one of the most important resources in organizations, not only as fundamental input of processes, but as a resource to properly run allows to define organizational strategies, what has not been outside in the public sector, especially in what it has to do with its pro...
- Autores:
- Tipo de recurso:
- Article of journal
- Fecha de publicación:
- 2019
- Institución:
- Universidad Católica de Pereira
- Repositorio:
- Repositorio Institucional - RIBUC
- Idioma:
- spa
- OAI Identifier:
- oai:repositorio.ucp.edu.co:10785/13640
- Acceso en línea:
- https://revistas.ucp.edu.co/index.php/entrecienciaeingenieria/article/view/1136
http://hdl.handle.net/10785/13640
- Palabra clave:
- Rights
- openAccess
- License
- Derechos de autor 2019 Entre Ciencia e Ingeniería
| id |
RepoRIBUC2_9bf4da4a94e1d0bfcb7d6f2ad15e6d74 |
|---|---|
| oai_identifier_str |
oai:repositorio.ucp.edu.co:10785/13640 |
| network_acronym_str |
RepoRIBUC2 |
| network_name_str |
Repositorio Institucional - RIBUC |
| repository_id_str |
|
| dc.title.eng.fl_str_mv |
A proposal for the management of the information security applied to a Colombian public entity |
| dc.title.spa.fl_str_mv |
Una propuesta de gestión de la seguridad de la información aplicado a una entidad pública colombiana |
| title |
A proposal for the management of the information security applied to a Colombian public entity |
| spellingShingle |
A proposal for the management of the information security applied to a Colombian public entity |
| title_short |
A proposal for the management of the information security applied to a Colombian public entity |
| title_full |
A proposal for the management of the information security applied to a Colombian public entity |
| title_fullStr |
A proposal for the management of the information security applied to a Colombian public entity |
| title_full_unstemmed |
A proposal for the management of the information security applied to a Colombian public entity |
| title_sort |
A proposal for the management of the information security applied to a Colombian public entity |
| description |
Information is considered today one of the most important resources in organizations, not only as fundamental input of processes, but as a resource to properly run allows to define organizational strategies, what has not been outside in the public sector, especially in what it has to do with its protection. This article aims to present a case for the application of the management of information security in a public entity, using, prior review of the literature, four international information security standards) ISO/IEC 27001:2013, ISO/IEC 27002:2013, ISO/IEC 27003:2010 and ISO/IEC 27005:2008) and their contextualization in Colombia, from the guidelines laid down by the Ministry of information technologies. Resulted in the development of a methodology adjusted to the needs of the public entity with management of risk and controls relevant indicators and parameters to reduce the uncertainty in the management of information. The contributions made by this work is related to the integration of international standards of security of the information and their contextualization in a Government area, responding to regulatory requirements and allowing once After implementation, having a relevant methodological development that allows the public organization develop information security management processes continuously. |
| publishDate |
2019 |
| dc.date.issued.none.fl_str_mv |
2019-06-06 |
| dc.date.accessioned.none.fl_str_mv |
2023-08-29T03:49:32Z |
| dc.date.available.none.fl_str_mv |
2023-08-29T03:49:32Z |
| dc.type.spa.fl_str_mv |
Artículo de revista |
| dc.type.coar.fl_str_mv |
http://purl.org/coar/resource_type/c_2df8fbb1 |
| dc.type.coar.none.fl_str_mv |
http://purl.org/coar/resource_type/c_6501 |
| dc.type.coarversion.none.fl_str_mv |
http://purl.org/coar/version/c_970fb48d4fbd8a85 |
| dc.type.driver.none.fl_str_mv |
info:eu-repo/semantics/article |
| dc.type.version.none.fl_str_mv |
info:eu-repo/semantics/publishedVersion |
| format |
http://purl.org/coar/resource_type/c_6501 |
| status_str |
publishedVersion |
| dc.identifier.none.fl_str_mv |
https://revistas.ucp.edu.co/index.php/entrecienciaeingenieria/article/view/1136 10.31908/19098367.4016 |
| dc.identifier.uri.none.fl_str_mv |
http://hdl.handle.net/10785/13640 |
| url |
https://revistas.ucp.edu.co/index.php/entrecienciaeingenieria/article/view/1136 http://hdl.handle.net/10785/13640 |
| identifier_str_mv |
10.31908/19098367.4016 |
| dc.language.none.fl_str_mv |
spa |
| language |
spa |
| dc.relation.none.fl_str_mv |
https://revistas.ucp.edu.co/index.php/entrecienciaeingenieria/article/view/1136/1107 https://revistas.ucp.edu.co/index.php/entrecienciaeingenieria/article/view/1136/2564 |
| dc.rights.spa.fl_str_mv |
Derechos de autor 2019 Entre Ciencia e Ingeniería https://creativecommons.org/licenses/by-nc/4.0/deed.es_ES |
| dc.rights.uri.spa.fl_str_mv |
https://creativecommons.org/licenses/by-nc/4.0/deed.es_ES |
| dc.rights.accessrights.spa.fl_str_mv |
info:eu-repo/semantics/openAccess |
| dc.rights.coar.spa.fl_str_mv |
http://purl.org/coar/access_right/c_abf2 |
| rights_invalid_str_mv |
Derechos de autor 2019 Entre Ciencia e Ingeniería https://creativecommons.org/licenses/by-nc/4.0/deed.es_ES http://purl.org/coar/access_right/c_abf2 |
| eu_rights_str_mv |
openAccess |
| dc.format.none.fl_str_mv |
application/pdf application/xml |
| dc.publisher.spa.fl_str_mv |
Universidad Católica de Pereira |
| dc.source.eng.fl_str_mv |
Entre ciencia e ingeniería; Vol. 13 Núm. 25 (2019); 68-76 |
| dc.source.spa.fl_str_mv |
Entre Ciencia e Ingeniería; Vol. 13 Núm. 25 (2019); 68-76 |
| dc.source.por.fl_str_mv |
Entre ciencia e ingeniería; Vol. 13 Núm. 25 (2019); 68-76 |
| dc.source.none.fl_str_mv |
2539-4169 1909-8367 |
| institution |
Universidad Católica de Pereira |
| repository.name.fl_str_mv |
Repositorio Institucional de la Universidad Católica de Pereira - RIBUC |
| repository.mail.fl_str_mv |
bdigital@metabiblioteca.com |
| _version_ |
1831929518413053952 |
| spelling |
2023-08-29T03:49:32Z2023-08-29T03:49:32Z2019-06-06https://revistas.ucp.edu.co/index.php/entrecienciaeingenieria/article/view/113610.31908/19098367.4016http://hdl.handle.net/10785/13640Information is considered today one of the most important resources in organizations, not only as fundamental input of processes, but as a resource to properly run allows to define organizational strategies, what has not been outside in the public sector, especially in what it has to do with its protection. This article aims to present a case for the application of the management of information security in a public entity, using, prior review of the literature, four international information security standards) ISO/IEC 27001:2013, ISO/IEC 27002:2013, ISO/IEC 27003:2010 and ISO/IEC 27005:2008) and their contextualization in Colombia, from the guidelines laid down by the Ministry of information technologies. Resulted in the development of a methodology adjusted to the needs of the public entity with management of risk and controls relevant indicators and parameters to reduce the uncertainty in the management of information. The contributions made by this work is related to the integration of international standards of security of the information and their contextualization in a Government area, responding to regulatory requirements and allowing once After implementation, having a relevant methodological development that allows the public organization develop information security management processes continuously.La información es considerada actualmente uno de los recursos más importantes en las organizaciones, no solo como insumo fundamental de los procesos, sino como recurso que adecuadamente gestionado permite delimitar estrategias organizacionales, lo que no ha sido ajeno en el sector público, en especial en lo que tiene que ver con su protección. El presente artículo tiene como objetivo presentar un caso de aplicación de la gestión de seguridad de la información en una entidad pública, utilizando para ello, previa revisión de la literatura, cuatro de los estándares internacionales de seguridad de la información (ISO/IEC 27001:2013, ISO/IEC 27002:2013, ISO/IEC 27003:2010 e ISO/IEC 27005:2008) y su contextualización en Colombia, a partir de las directrices establecidas por el Ministerio de Tecnologías de Información. Se obtuvo como resultado el desarrollo de una metodología ajustada a las necesidades de la entidad pública con parámetros e indicadores de gestión del riesgo y controles pertinentes para disminuir la incertidumbre en la gestión de la información. El aporte realizado por el presente trabajo está relacionado con la integración de estándares internacionales de seguridad de la información y su contextualización en un ámbito gubernamental, dando respuesta a requerimientos regulatorios y permitiendo una vez finalizada la implementación, contar con un desarrollo metodológico pertinente que le permite a la organización pública desarrollar de forma continuada los procesos de gestión de seguridad de la información.application/pdfapplication/xmlspaUniversidad Católica de Pereirahttps://revistas.ucp.edu.co/index.php/entrecienciaeingenieria/article/view/1136/1107https://revistas.ucp.edu.co/index.php/entrecienciaeingenieria/article/view/1136/2564Derechos de autor 2019 Entre Ciencia e Ingenieríahttps://creativecommons.org/licenses/by-nc/4.0/deed.es_EShttps://creativecommons.org/licenses/by-nc/4.0/deed.es_ESinfo:eu-repo/semantics/openAccesshttp://purl.org/coar/access_right/c_abf2Entre ciencia e ingeniería; Vol. 13 Núm. 25 (2019); 68-76Entre Ciencia e Ingeniería; Vol. 13 Núm. 25 (2019); 68-76Entre ciencia e ingeniería; Vol. 13 Núm. 25 (2019); 68-762539-41691909-8367A proposal for the management of the information security applied to a Colombian public entityUna propuesta de gestión de la seguridad de la información aplicado a una entidad pública colombianaArtículo de revistahttp://purl.org/coar/resource_type/c_6501http://purl.org/coar/resource_type/c_2df8fbb1http://purl.org/coar/version/c_970fb48d4fbd8a85info:eu-repo/semantics/articleinfo:eu-repo/semantics/publishedVersionCarvajal Portilla, Diana LizethCardona Londoño, ArturoValencia Duque, Francisco JavierPublication10785/13640oai:repositorio.ucp.edu.co:10785/136402025-01-27 19:00:13.588https://creativecommons.org/licenses/by-nc/4.0/deed.es_ESDerechos de autor 2019 Entre Ciencia e Ingenieríametadata.onlyhttps://repositorio.ucp.edu.coRepositorio Institucional de la Universidad Católica de Pereira - RIBUCbdigital@metabiblioteca.com |