Please use this identifier to cite or link to this item: http://hdl.handle.net/10609/150577
Title: Plan de Implementación del SGSI basado en la ISO/IEC 27001:2022 de la empresa TRADUX
Author: Busto Pérez de Mendiguren, Estíbaliz
Tutor: Moreno Fernández, Iñaki
Others: Marco-Simó, Josep Maria  
Abstract: Information is one of the main assets that any organization has. Its confidentiality, integrity and availability must be preserved to achieve business objectives. Therefore, the objective of this project is the preparation of an Implementation Plan for an Information Security Management System (ISMS) of the fictitious organization TRADUX, translation and interpretation company, following the ISO/IEC 27001:2022. It begins with the description of the organization and a differential analysis of ISO 27001:2022 and ISO 27002:2022 as the basic references of the document. Next, all the documents necessary for regulatory compliance with ISO 27001:2022 are defined using the risk analysis methodology based on MAGERIT. Subsequently, different projects are proposed with the purpose of reducing the main risks found and improving the information security of said organization. Finally, the compliance audit will be carried out where the degree of maturity of the ISO 27002:2022 controls will be evaluated and thus know the information security status of TRADUX.
Keywords: ISO 27001:2022
MAGERIT
SGSI
ISO 27002:2022
Document type: info:eu-repo/semantics/masterThesis
Issue Date: Jun-2024
Publication license: http://creativecommons.org/licenses/by-nc-nd/3.0/es/  
Appears in Collections:Trabajos finales de carrera, trabajos de investigación, etc.

Files in This Item:
File Description SizeFormat 
ebustopeTFM0624.pdfMemoria del TFM3,08 MBAdobe PDFThumbnail
View/Open
Share:
Export:
View statistics

This item is licensed under aCreative Commons License Creative Commons