Implementation of an Information Security Management System Based on the ISO/IEC 27001: 2013 Standard for the Information Technology Division

The Information Technologies Directorate of the Micaela Bastidas de Apurimac National University (UNAMBA) (UNAMBA Rationalization Office, «Organization and Functions Manual,» Abancay, 2018.), is in charge of managing the technologies and information; it also has to safeguard the computer assets under its responsibility. However, it does not have any plan, standard, or directive that allows correctly protecting the information. For this reason, our research aimed to contribute to improving the level of information security in the Information Technology Directorate (DTI) of UNAMBA, implementing the Information Security Management System based on the standard ISO/IEC 27001: 2013 (ISO 27001 - ISO 27001 Management Systems Software, «ISO Software,» 2018. [Online]. Available: https://www.isotools.org/normas/riesgos-y-seguridad/iso-27001/. [Last access: July 21, 2018].). This standard allows the assurance of the confidentiality, availability, and integrity of information and information systems.