bachelorThesis
Systems audit of compliance with requirements 7, 8 and 9 of the PCI DSS standard applied to Coral Hipermercado, Racar Plaza, with a cutoff date of June 2015
Date
2016
Author
Benenaula Lituma, Patricia María
Ortega López, Estefanía Liseth
Institution
Abstract
Coral Hypermarket GO is a company dedicated to marketing various mass-consumption products. Because of the demand it sustains and the volume of transactions carried out in daily sales, it offers its customers various forms of payment for their convenience, including payment cards. Given the current rise of computer systems and the need to secure data against malicious acts, the credit card brands have deemed it necessary to make implementation of the PCI DSS standard mandatory, both in stores and in intermediary entities. Thus the service provided to cardholders, besides being improved, is secure in all instances.
Through our research we learned that Coral Hypermarket GO has not previously conducted an audit against the PCI DSS standard, so the implementation of the standard may not be complete or appropriate, and the company policies may not contain the processes and procedures to be carried out. This leaves the security of access to cardholder data looking vulnerable, and likewise the handling of authentication and the physical security of the infrastructure, which safeguards the equipment and therefore the information.
The audit of requirements 7, 8 and 9 of the PCI DSS standard found that the standard has not been disseminated in its entirety and that there are shortcomings in its implementation: the use of authentication, access to data and physical security are not correct. This leaves payment cardholder data exposed and creates the possibility of losses from probable malicious acts to which the company could be exposed in the future.
It is imperative to mention that the standard will help the company meet its goals as long as it manages to reduce the shortcomings in its implementation; otherwise, the necessary recommendations regarding the problems encountered will be made for subsequent correction, so as to improve the management of the company.