Please use this identifier to cite or link to this item:
http://hdl.handle.net/10609/126386
Title: | Plan Director de Seguridad en la Administración Local bajo la perspectiva de la Calidad del Dato |
Author: | Asensio Palao, Ramón |
Director: | Garrigues, Carles |
Tutor: | Segovia Henares, Antonio José |
Abstract: | Practical work to implement a Security Master Plan in a Spanish Local Public Administration under the protection of standards such as the National Security Scheme (ENS) and ISO/IEC 27001, while considering the quality of the data and its interoperability. A new simple application methodology on ISO 25012 is created to find a balance that allows us to have secure and applicable information systems. An implementation of the ENS conditioned by ISO 25012 is approached to later move closer to ISO/IEC 27001 and obtain the advantages of the three standards. We develop all the necessary main documentation, a risk analysis is carried out using MAGERIT methodology, we propose projects to improve the security of the information system by substituting those parts that do not meet the data quality objectives and we carry out an audit to evaluate the compliance with regulations. Our approach from ENS to ISO/IEC 27001 has allowed us to prioritize those high risk projects, always assuming the approval of the administration's high direction, we have managed to improve security in both standards although more progress has been made in ENS than in ISO/IEC 27001, due to the type of approach made for a public entity. The screening of ISO 25012 projects has enabled us to not invest resources in parts of the system that are better replaced than secured, and has managed to put the citizen at the center of electronic administration. |
Keywords: | ISMS National Security Framework ISO 25012 MAGERIT National Interoperability Schema ISO 27001 |
Document type: | info:eu-repo/semantics/masterThesis |
Issue Date: | 28-Dec-2020 |
Publication license: | http://creativecommons.org/licenses/by-nc-nd/3.0/es/ |
Appears in Collections: | Trabajos finales de carrera, trabajos de investigación, etc. |
Files in This Item:
Share:
This item is licensed under a Creative Commons License