masterThesis
Elaboración de las políticas de seguridad de la información para el Consejo Nacional Electoral del Ecuador
Fecha
2017Autor
Quinteros Basantes, Jeffrey Badí
Institución
Resumen
This work evaluates information security measures of the National Electoral Council of Ecuador (NEC) in order to improve its security level in electoral and non-electoral processes. The National Electoral Council of Ecuador holds the responsibility of “…monitor and guarantee, in a transparent way, the electoral processes…” (Constituent National Assembly, 2008), so it is necessary to implement information security policies, which will allow to have regulations that help manage the information security in an effective way, so that treats and risks can be diminished; better yet, to increase control that guarantees confidentiality, integrity, and availability of the information which the National Electoral Council is responsible for.
Therefore, this work builds up Security Information Policies for the National Electoral Council of Ecuador using ISO/IEC 27001:2013 regulations, which tend to protect computer data, its physical access and use restrictions, responsibility from public servants that are part of the NEC, among others.
In addition, it has been taken into consideration that Technical Norms have been elaborated in Ecuador; for instance, NTE INEN-ISO/IEC 27000 to manage Information Security fields. Moreover, the government’s Information Security scheme was taken into account as a relevant source for the development of the Information Security Policies since they are used by the Executive Function of Ecuador.