Please use this identifier to cite or link to this item:
http://hdl.handle.net/10609/145804
Title: | Elaboración de un Plan de Implementación de la ISO/IEC 27001:2017 para una empresa de servicios |
Author: | Bianchi Porro, Jacopo |
Tutor: | Segovia Henares, Antonio José |
Others: | Garrigues, Carles |
Abstract: | Information is today one of the main assets of organizations: protecting it and guaranteeing its confidentiality, integrity and availability is a very important task. For a company that offers consulting services on (among others) occupational safety, occupational medicine and training courses for employees, obtaining ISO 27001 certification not only ensures that is achieved an adequate level of safety in the information, but it is mandatory by law (in Italy) to work with public administrations and also, albeit informally, with banks. Reducing the scope of the certification to the software developed internally and used by consultants (one Windows application and two web Apps), and starting from a situation in which part of the procedures are the result of experience and are not codified (therefore present, at least partially, although not always applied or controlled) it has been possible to establish an action plan that allows to be ready for certification in less than a year. The work made possible to significantly increase the maturity level of compliance with the requirements of ISO/IEC 27001 and ISO/IEC 27002, moving from a critical situation to another undoubtedly satisfactory one, which, however, should be seen as a starting point and not an arrival point: it is necessary to improve less mature controls, carry out periodic reviews and audits, to seek adjustments against new threats and, possibly, to expand the scope of the information security management system. |
Keywords: | management systems information security privacy |
Document type: | info:eu-repo/semantics/masterThesis |
Issue Date: | Jun-2022 |
Publication license: | http://creativecommons.org/licenses/by-nc-nd/3.0/es/ |
Appears in Collections: | Trabajos finales de carrera, trabajos de investigación, etc. |
Files in This Item:
File | Description | Size | Format | |
---|---|---|---|---|
jbianchiporroTFM0622memoria.pdf | Memoria del TFM | 3,4 MB | Adobe PDF | View/Open |
Share:
This item is licensed under a Creative Commons License