Development of a Security Master Plan for Virtual Technological Infrastructures in Public Educational Institutions: Application of COBIT® 2019
保存先:
| 著者: | |
|---|---|
| フォーマット: | artículo original |
| 状態: | Versión publicada |
| 出版日付: | 2025 |
| その他の書誌記述: | This article presents the development of a Security Master Plan based on COBIT® 2019, applied to the virtual technological infrastructure of a public educational institution, the Universidad Estatal a Distancia (UNED) in Costa Rica. The study explores the context of the institution’s technological platform and using standards in accordance with the field of computer security, identifying the main weaknesses of the virtual infrastructure to establish a case study. Based on this case study, solutions are proposed following best practices in IT governance and management through the initiatives included in the resulting Security Master Plan. The methodological approach to achieve the research goal included a situational analysis of UNED and the application of the COBIT® 2019 design guide to customize governance and management controls. The results obtained allowed us to select critical processes pointing to the need to implement an Information Security Management System (ISMS) as an organizational priority in light of COBIT® 2019, along with other aspects such as compliance, business continuity management, and incident management, among others. Consequently, this work provides a solid alternative to generate security plans in institutions with virtual infrastructures, even when their business model is different from the UNED case study. |
| 国: | Portal de Revistas TEC |
| 機関: | Instituto Tecnológico de Costa Rica |
| Repositorio: | Portal de Revistas TEC |
| 言語: | Español |
| OAI Identifier: | oai:ojs.pkp.sfu.ca:article/7590 |
| オンライン・アクセス: | https://revistas.tec.ac.cr/index.php/tec_marcha/article/view/7590 |
| キーワード: | Distance education Public education Digital platforms Data protection Computer security Data centers Standardization Risk management COBIT® 2019 Educación a distancia Universidad pública Plataforma digital Seguridad de los datos Centro de datos Normalización Gestión de riesgos |