Tesis
Auditoría informática a la “Cooperativa de Ahorro y Crédito Riobamba Ltda.”, agencia matriz, cantón Riobamba, provincia de Chimborazo, periodo 2020
Fecha
2022-06-07Registro en:
Núñez Bustillos, Abel Ismael. (2022). Auditoría informática a la “Cooperativa de Ahorro y Crédito Riobamba Ltda.”, agencia matriz, cantón Riobamba, provincia de Chimborazo, periodo 2020. Escuela Superior Politécnica de Chimborazo. Riobamba.
Autor
Núñez Bustillos, Abel Ismael
Resumen
The objective of this research was to carry out a Computer Audit of the "Cooperativa de Ahorro y Crédito Riobamba Ltda." Riobamba canton agency, Chimborazo province, period 2020; to review and evaluate the controls, systems, and security in the management of information and computer resources; through the analysis of the entity's Information and Communication Technologies Unit. The deductive, inductive, systematic, and synthetic, analytical methods were applied to collect reliable, truthful, and timely information. Other research instruments and techniques included an interview with the Head of the UTIC, and a survey of the UTIC technicians and the COAC officials, to identify the current situation of the entity. In addition, the Integrated Internal Control Framework COSO II or COSO ERM served as the basis for the questionnaires that allowed determining the factors that affect the integrity, reliability, and reliability of the information, showing a level of confidence of 86.90% and a risk level of 13.10%. Resource efficiency indicators were also developed, efficiency in the processes, budgetary, and logical security indicators. These indicators determined aspects such as the lack of socialization of the computer system's policies to use to the personnel, lack of evaluation of Information Security Management through the ISO 27001 Standard, lack of emergency exit, inadequate facilities with little space, and improper handling of computer equipment. Finally, after the Computer Audit stages, the Report suggesting the highest authority of the COAC Riobamba, the Head of the UTIC, and all the personnel laboring at the entity was issued to consider the conclusions and recommendations to implement corrective measures to protect the integrity of technological and computer resources.