Evaluación del riesgo informático en el centro de cómputo de la biblioteca de la UAIC de la Utmach.

Abstract

The present documentation has the belonging to address the subject of computer auditing, as a professional axis of the accounting and auditing career, being an interdisciplinary science that underpins business and institutional development through the benefits of computer systems. The computer centers are a didactic tool in the contemporary training process, however, they expose a series of vulnerabilities and risks derived from both their logical and physical part by the users, this hinders academic performance and infers on the usefulness of the services gestated in TIC`s. There is an urgent need to take advantage of or optimize academy functions through digital systems; but it does not operate properly around adverse conditions from the perspective of security, therefore, this project aims to assess the computer risk in the computers of the library of the Civil Engineering Academic Unit through a systematic analysis, to propose tangible and intangible controls that minimize threats and increase the protection of both data and computing resources in general. The risk assessment depends on the methodology used to measure its impact, in this case Cobit 5 is used, competent to the computer audit and qualitative assessment, denoting a level of risk Medium versus a control Good that responds superficially iterating the key aspects outlined by the TIC`s management, there is no external auditor or a macro management plan, being a latent weakness throughout the UTMACH.