Resumen

CARVAJAL, D. L.; CARDONA, A.  y  VALENCIA, F. J.. A proposal for the management of the information security applied to a Colombian public entity. Entre Ciencia e Ingenieria [online]. 2019, vol.13, n.25, pp.68-76. ISSN 1909-8367.  https://doi.org/10.31908/19098367.4016.

Information is considered today one of the most important resources in organizations, not only as fundamental input of processes, but as a resource to properly run allows to define organizational strategies, what has not been outside in the public sector, especially in what it has to do with its protection. This article aims to present a case for the application of the management of information security in a public entity, using, prior review of the literature, four international information security standards) ISO/IEC 27001:2013, ISO/IEC 27002:2013, ISO/IEC 27003:2010 and ISO/IEC 27005:2008) and their contextualization in Colombia, from the guidelines laid down by the Ministry of information technologies. Resulted in the development of a methodology adjusted to the needs of the public entity with management of risk and controls relevant indicators and parameters to reduce the uncertainty in the management of information. The contributions made by this work is related to the integration of international standards of security of the information and their contextualization in a Government area, responding to regulatory requirements and allowing once After implementation, having a relevant methodological development that allows the public organization develop information security management processes continuously.

Palabras clave : Information Security; ISO/IEC 27000; ISMS; IT Risks..

        · resumen en Español     · texto en Español     · Español ( pdf )