Information security and the benefits of ISO/IEC 27002:2013

Authors

  • Manuel Fernando Pumasunco Rivera Universidad San Martin de Porres, Lima, Perú https://orcid.org/0000-0002-4394-8526
  • Candy Esther Seminario Sanchez Universidad Nacional Mayor de San Marcos, Lima, Peru

DOI:

https://doi.org/10.15381/risi.v17i2.29916

Keywords:

Information security, ISO 27001, ISO 27002, Cybersecurity, Information Security Management System

Abstract

The justification is due to the growing threat in information security issues and constant cases of computer theft from companies or organizations.

The objective of this research is to provide the benefits of an Information Security Management System (ISMS) based on the ISO 27002:2013 standard, which includes controls to be implemented by the company or organization that will help protect its information and involve aspects cybersecurity.

The research is exploratory, because the topic is little investigated and also non-experimental in design because the variables will not be altered, induced or modified.

As a result, we have the confirmation and effectiveness of the controls of the ISO 27002 Standard understood in a transversal way for any business sector, and that it is not necessary to achieve a certification of the ISO 27001 standard, in order to apply the controls suggested by the standard and achieve the objective of information security.

Downloads

Download data is not yet available.

Downloads

Published

2024-12-31

Issue

Vol. 17 No. 2 (2024)

Section

Artículos

License

Copyright (c) 2024 Manuel Fernando Pumasunco Rivera, Candy Esther Seminario Sanchez

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.

AUTHORS RETAIN THEIR RIGHTS:

a. Authors retain their trade mark rights and patent, and also on any process or procedure described in the article.

b. Authors retain their right to share, copy, distribute, perform and publicly communicate their article (eg, to place their article in an institutional repository or publish it in a book), with an acknowledgment of its initial publication in the Revista de investigación de Sistemas e Informática. 

c. Authors retain theirs right to make a subsequent publication of their work, to use the article or any part thereof (eg a compilation of his papers, lecture notes, thesis, or a book), always indicating its initial publication in the Revista de investigación de Sistemas e Informática (the originator of the work, journal, volume, number and date).

How to Cite

[1]
“Information security and the benefits of ISO/IEC 27002:2013”, Rev.Investig.sist.inform., vol. 17, no. 2, pp. 45–49, Dec. 2024, doi: 10.15381/risi.v17i2.29916.