Modelo de gestión de riesgos de tecnología de información para garantizar la continuidad del servicio en los procesos organizacionales en los institutos de educación superior tecnológicos públicos

Abstract

This research has public technological higher education institutes as a case study, which proposes an IT risk management model to guarantee the continuity of the service in its main processes, where 3 public institutes were analyzed to determine the current state of the processes of those institutes, obtaining as results that the IT areas have not identified the risks to which the institutions are exposed and they do not have a strategic IT plan, which generates that within the institutes there is no improvement in their organizational processes. The model is based on the harmonization of standards or frameworks that refer to risk management, which were analyzed in a general way to determine the impact on IT risk management to guarantee the service continuity in the organizational processes, of which only 3 were selected from a list of 6. The model was validated through expert judgment, which was based on the indicators of sufficiency, clarity, coherence and relevance to give the validity and acceptance of the proposed model. Finally, the model was applied in an institute which allowed it to improve IT risk management and guarantee the continuity of the service of its organizational processes, through compliance with the CBC licensing requirements.