Alinhamento entre COBIT e ISO 27005:2008 na gestão de riscos de TI
dc.contributor.advisor | Brodbeck, Henrique Jorge | |
dc.contributor.author | Fuchs, Jean Michel | |
dc.date.accessioned | 2017-10-05T13:44:42Z | |
dc.date.accessioned | 2022-09-22T19:27:10Z | |
dc.date.available | 2017-10-05T13:44:42Z | |
dc.date.available | 2022-09-22T19:27:10Z | |
dc.date.issued | 2010 | |
dc.identifier.uri | https://hdl.handle.net/20.500.12032/61042 | |
dc.description.abstract | Nowadays Risk Management (RM) in Information Security (IS) has become indispensable for business organizations and it has been triggered several times by the necessity of acting in response to laws, regulations, standards or norms. When facing the challenge to implement RM in effective SI, managers end up developing actions without delineating any structure or work methodology. Therefore the expected objective is not reached what generates redoing and costs for the company. The objective of the work presented here is to elaborate a structured model in stages to implement RM for IS which is aligned to PO09 process “Assess and Manage IT Risks” from CobiT 4.1 and regulations from NBR ISO/IEC 27005:2008 thus defining an order for the implementation of the main actions to be executed. Through this structured model, it gets evident that the usage of only one norm or framework is not enough; being necessary a complement of one or more norms or framework to expand the scope of RM in IS in order to assure its effectiveness. | en |
dc.publisher | Universidade do Vale do Rio dos Sinos | pt_BR |
dc.subject | Gestão de riscos | pt_BR |
dc.subject | Risk management | en |
dc.title | Alinhamento entre COBIT e ISO 27005:2008 na gestão de riscos de TI | pt_BR |
dc.type | TCC | pt_BR |
Files in this item
Files | Size | Format | View |
---|---|---|---|
Jean Michel Fuchs_.pdf | 631.0Kb | application/pdf | View/ |