Creación de Políticas de Seguridad de la Información a partir de un Análisis de Riesgos de los Activos de la Información dentro de la Unidad Académica de Psicología de la Universidad Autónoma de Zacatecas

The Autonomous University of Zacatecas has sensitive information on different axes; starting from personal information, academic projects and management of financial, technological and institutional resources. All this information constitutes, by nature, a series of assets that will always be import...

Descripción completa

Detalles Bibliográficos
Autores: Moreno Zamudio, Tomás de Jesús, Carlos Alberto Olvera Olvera
Tipo de recurso: tesis de maestría
Estado:Versión publicada
Fecha de publicación:2020
País:México
Institución:Universidad Autónoma de Zacatecas
Repositorio:Repositorio Institucional Caxcán
Idioma:español
OAI Identifier:oai:http://ricaxcan.uaz.edu.mx:20.500.11845/2091
Acceso en línea:http://ricaxcan.uaz.edu.mx/jspui/handle/20.500.11845/2091
Access Level:acceso abierto
Palabra clave:INGENIERIA Y TECNOLOGIA [7]
Seguridad de la Información
Gestión de la Seguridad de la Información
Políticas de Seguridad
Análisis de Riesgos
Descripción
Sumario:The Autonomous University of Zacatecas has sensitive information on different axes; starting from personal information, academic projects and management of financial, technological and institutional resources. All this information constitutes, by nature, a series of assets that will always be important for any educational organization. In this logic, this research arises from the interest of implementing Information Security Policies to be able to adequately manage risks by administrative personnel who have direct contact with said information assets, specifically within the Academic Unit of Psychology. The focus of the present investigation is quantitative, using the non- experimental method, through a cross-sectional design, where the characteristic of data collection was carried out in a single moment and was descriptive. The results of the present investigation show, through a risk analysis matrix, different vulnerabilities of the information assets of this institution, a tool that set the standard to be able to adequately justify the risk mitigation measures. Based on this, an exhaustive search for good information security practices was carried out to display a series of recommendations that will help prevent many of the vulnerabilities and risks found in each information asset; All of these recommendations were incorporated through the creation of a Security Policy within the Administrative Area of the Academic Psychology Unit of the Benemérita Universidad Autónoma de Zacatecas.