{"id":27044,"date":"2022-09-12T15:48:16","date_gmt":"2022-09-12T15:48:16","guid":{"rendered":"https:\/\/www.all4integrity.org\/tech4integrity\/knowledge-center\/dissertation-information-and-communication-systems-security-and-auditing-implementation-in-a-public-entity\/"},"modified":"2022-11-11T22:19:55","modified_gmt":"2022-11-11T22:19:55","password":"","slug":"dissertation-information-and-communication-systems-security-and-auditing-implementation-in-a-public-entity","status":"publish","type":"docs","link":"https:\/\/www.all4integrity.org\/en\/tech4integrity\/knowledge-center\/dissertation-information-and-communication-systems-security-and-auditing-implementation-in-a-public-entity\/","title":{"rendered":"Dissertation: Information and Communication Systems Security and Auditing Implementation in a public entity"},"content":{"rendered":"<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full\"><img fetchpriority=\"high\" decoding=\"async\" width=\"668\" height=\"947\" src=\"https:\/\/www.all4integrity.org\/wp-content\/uploads\/2022\/09\/UMA-Seguranca-e-Auditoria-em-Sistemas-de-Informacao-e-Comunicacao-Implementacao-numa-entidade-publica.jpg\" alt=\"\" class=\"wp-image-23847\" srcset=\"https:\/\/www.all4integrity.org\/wp-content\/uploads\/2022\/09\/UMA-Seguranca-e-Auditoria-em-Sistemas-de-Informacao-e-Comunicacao-Implementacao-numa-entidade-publica.jpg 668w, https:\/\/www.all4integrity.org\/wp-content\/uploads\/2022\/09\/UMA-Seguranca-e-Auditoria-em-Sistemas-de-Informacao-e-Comunicacao-Implementacao-numa-entidade-publica-212x300.jpg 212w, https:\/\/www.all4integrity.org\/wp-content\/uploads\/2022\/09\/UMA-Seguranca-e-Auditoria-em-Sistemas-de-Informacao-e-Comunicacao-Implementacao-numa-entidade-publica-370x525.jpg 370w, https:\/\/www.all4integrity.org\/wp-content\/uploads\/2022\/09\/UMA-Seguranca-e-Auditoria-em-Sistemas-de-Informacao-e-Comunicacao-Implementacao-numa-entidade-publica-410x581.jpg 410w\" sizes=\"(max-width: 668px) 100vw, 668px\" \/><\/figure><\/div>\n<p><strong>[Abstract]<\/strong><\/p>\n\n<p>The increase in the production of digital information, the challenges to secure communication and the maintenance and safeguarding of data go hand in hand with an increase in cybercrime manifested through intrusion techniques and vulnerability exploitation. This scenario requires companies to improve their security paradigms, otherwise they risk compromising an asset that is fundamental to their very existence: INFORMATION.<\/p>\n\n<p>To better face the dangers and challenges of presence in cyberspace, the public company Investimentos Habitacionais da Madeira, EPERAM (IHM) intended to analyze and raise the level of security of information and communications following the best practices in this area, because, despite the procedures already in place, security events are still mostly addressed downstream and reactively. After investigating the state of the art on standards, frameworks and certifications for information security, consulting related legislation and conducting an analysis of the company&#8217;s current situation, a methodology was proposed, based on risk management, for the establishment, implementation, maintenance and continuous improvement of an information security management system, through a set of 18 processes framed in the NP ISO\/IEC 27001:2013 standard. In parallel, to ensure its sustainability, the continuous PDCA cycle was applied, which was useful so that safety controls could already be implemented and measured. The NIST SP 800-61r2 standard, with 4 processes, was incorporated into the proposed methodology, due to its specificity in the field of incident management.<\/p>\n\n<p>The implementation resulted in the definition of 8 policies, accompanied by 47 security controls, of which 37 were measured. The results allowed us to identify the most pressing improvements needed through a color scheme. The use of the corporate governance and information technology management model &#8211; COBIT 5 &#8211; contributed to the subsequent analysis of the processes&#8217; capacity and measurement of their maturity.<\/p>\n\n<p><strong>Keywords:<\/strong> Information security; Risk management; ISO\/IEC Standard 27001:2013; Security policies; Operations security; Communications security; NIST Standard SP 800-61r2; Incident management; COBIT Framework 5; RGPD; Auditing;<\/p>\n\n<div style=\"height:100px\" aria-hidden=\"true\" class=\"wp-block-spacer sc_height_medium\"><\/div>\n\n<p><strong>Publication Year:<\/strong> 2018<\/p>\n\n<p><strong>Student:<\/strong> <a href=\"http:\/\/chrome-extension:\/\/efaidnbmnnnibpcajpcglclefindmkaj\/https:\/\/www.gov.br\/cgu\/pt-br\/acesso-a-informacao\/institucional\/quem-e-quem\/curriculos\/curriculo_marcio_denys_pessanha_goncalves.pdf\" target=\"_blank\" rel=\"noreferrer noopener\">Carla Margarida Rocha Carvalho<\/a><\/p>\n\n<p><strong>Advisor:<\/strong> Prof. Dr. <a href=\"https:\/\/www.uma.pt\/directorio\/eduardo-marques\/\" target=\"_blank\" rel=\"noreferrer noopener\">Eduardo Miguel Dias Marques<\/a><\/p>\n\n<p><strong>Program:<\/strong> <a href=\"https:\/\/www.uma.pt\/ensino\/2o-ciclo\/mestrado-em-engenharia-informatica\/\" target=\"_blank\" rel=\"noreferrer noopener\">Master of Science in Infromatics Engineering<\/a><\/p>\n\n<p><strong>University:<\/strong> <a href=\"https:\/\/www.uma.pt\/\" target=\"_blank\" rel=\"noreferrer noopener\">University of Madeira<\/a> (Portugal)<\/p>\n\n<p><strong>More information:<\/strong> <a href=\"https:\/\/digituma.uma.pt\/bitstream\/10400.13\/2231\/1\/MestradoCarlaCarvalho.pdf\" target=\"_blank\" rel=\"noreferrer noopener\">https:\/\/digituma.uma.pt\/bitstream\/10400.13\/2231\/1\/MestradoCarlaCarvalho.pdf<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>[Abstract] The increase in the production of digital information, the challenges to secure communication and&hellip;<\/p>\n","protected":false},"author":98,"featured_media":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_acf_changed":false,"footnotes":""},"doc_category":[354],"doc_tag":[331,333],"class_list":["post-27044","docs","type-docs","status-publish","hentry","doc_category-business-activity-infrastructure-energy","doc_tag-academia-research","doc_tag-theses-dissertations"],"acf":[],"year_month":"2026-04","word_count":345,"total_views":"192","reactions":{"happy":"0","normal":"0","sad":"0"},"author_info":{"name":"escolas","author_nicename":"escolas","author_url":"https:\/\/www.all4integrity.org\/en\/author\/escolas\/"},"doc_category_info":[{"term_name":"Business Activity, Infrastructure &amp; Energy","term_url":"https:\/\/www.all4integrity.org\/en\/tech4integrity\/knowledge-center\/categoria\/business-activity-infrastructure-energy\/"}],"doc_tag_info":[{"term_name":"Academia &amp; Research","term_url":"https:\/\/www.all4integrity.org\/en\/tech4integrity\/knowledge-center\/tag\/academia-research\/"},{"term_name":"Theses &amp; Dissertations","term_url":"https:\/\/www.all4integrity.org\/en\/tech4integrity\/knowledge-center\/tag\/theses-dissertations\/"}],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v25.5 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Dissertation: Information and Communication Systems Security and Auditing Implementation in a public entity - ALL4INTEGRITY<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.all4integrity.org\/en\/tech4integrity\/knowledge-center\/dissertation-information-and-communication-systems-security-and-auditing-implementation-in-a-public-entity\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Dissertation: Information and Communication Systems Security and Auditing Implementation in a public entity - ALL4INTEGRITY\" \/>\n<meta property=\"og:description\" content=\"[Abstract] The increase in the production of digital information, the challenges to secure communication and&hellip;\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.all4integrity.org\/en\/tech4integrity\/knowledge-center\/dissertation-information-and-communication-systems-security-and-auditing-implementation-in-a-public-entity\/\" \/>\n<meta property=\"og:site_name\" content=\"ALL4INTEGRITY\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/all4integrity\/\" \/>\n<meta property=\"article:modified_time\" content=\"2022-11-11T22:19:55+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.all4integrity.org\/wp-content\/uploads\/2022\/09\/UMA-Seguranca-e-Auditoria-em-Sistemas-de-Informacao-e-Comunicacao-Implementacao-numa-entidade-publica.jpg\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:site\" content=\"@All4Integrity\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.all4integrity.org\/en\/tech4integrity\/knowledge-center\/dissertation-information-and-communication-systems-security-and-auditing-implementation-in-a-public-entity\/\",\"url\":\"https:\/\/www.all4integrity.org\/en\/tech4integrity\/knowledge-center\/dissertation-information-and-communication-systems-security-and-auditing-implementation-in-a-public-entity\/\",\"name\":\"Dissertation: Information and Communication Systems Security and Auditing Implementation in a public entity - ALL4INTEGRITY\",\"isPartOf\":{\"@id\":\"https:\/\/www.all4integrity.org\/en\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.all4integrity.org\/en\/tech4integrity\/knowledge-center\/dissertation-information-and-communication-systems-security-and-auditing-implementation-in-a-public-entity\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.all4integrity.org\/en\/tech4integrity\/knowledge-center\/dissertation-information-and-communication-systems-security-and-auditing-implementation-in-a-public-entity\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.all4integrity.org\/wp-content\/uploads\/2022\/09\/UMA-Seguranca-e-Auditoria-em-Sistemas-de-Informacao-e-Comunicacao-Implementacao-numa-entidade-publica.jpg\",\"datePublished\":\"2022-09-12T15:48:16+00:00\",\"dateModified\":\"2022-11-11T22:19:55+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/www.all4integrity.org\/en\/tech4integrity\/knowledge-center\/dissertation-information-and-communication-systems-security-and-auditing-implementation-in-a-public-entity\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.all4integrity.org\/en\/tech4integrity\/knowledge-center\/dissertation-information-and-communication-systems-security-and-auditing-implementation-in-a-public-entity\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.all4integrity.org\/en\/tech4integrity\/knowledge-center\/dissertation-information-and-communication-systems-security-and-auditing-implementation-in-a-public-entity\/#primaryimage\",\"url\":\"https:\/\/www.all4integrity.org\/wp-content\/uploads\/2022\/09\/UMA-Seguranca-e-Auditoria-em-Sistemas-de-Informacao-e-Comunicacao-Implementacao-numa-entidade-publica.jpg\",\"contentUrl\":\"https:\/\/www.all4integrity.org\/wp-content\/uploads\/2022\/09\/UMA-Seguranca-e-Auditoria-em-Sistemas-de-Informacao-e-Comunicacao-Implementacao-numa-entidade-publica.jpg\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.all4integrity.org\/en\/tech4integrity\/knowledge-center\/dissertation-information-and-communication-systems-security-and-auditing-implementation-in-a-public-entity\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.all4integrity.org\/en\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Dissertation: Information and Communication Systems Security and Auditing Implementation in a public entity\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.all4integrity.org\/en\/#website\",\"url\":\"https:\/\/www.all4integrity.org\/en\/\",\"name\":\"ALL4INTEGRITY\",\"description\":\"Mobiliza\u00e7\u00e3o e Solu\u00e7\u00f5es contra a Corrup\u00e7\u00e3o\",\"publisher\":{\"@id\":\"https:\/\/www.all4integrity.org\/en\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.all4integrity.org\/en\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.all4integrity.org\/en\/#organization\",\"name\":\"All4Integrity\",\"url\":\"https:\/\/www.all4integrity.org\/en\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.all4integrity.org\/en\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/all4integrity.org\/wp-content\/uploads\/2022\/05\/logotipo-all4integrity-1.png\",\"contentUrl\":\"https:\/\/all4integrity.org\/wp-content\/uploads\/2022\/05\/logotipo-all4integrity-1.png\",\"width\":600,\"height\":137,\"caption\":\"All4Integrity\"},\"image\":{\"@id\":\"https:\/\/www.all4integrity.org\/en\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/all4integrity\/\",\"https:\/\/x.com\/All4Integrity\",\"https:\/\/www.instagram.com\/all_4_integrity\/\",\"https:\/\/www.youtube.com\/channel\/UC03HJFKiaCStfIHFnfdRbvA\",\"https:\/\/www.linkedin.com\/company\/associao-all4integrity\/\"]}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Dissertation: Information and Communication Systems Security and Auditing Implementation in a public entity - ALL4INTEGRITY","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.all4integrity.org\/en\/tech4integrity\/knowledge-center\/dissertation-information-and-communication-systems-security-and-auditing-implementation-in-a-public-entity\/","og_locale":"en_US","og_type":"article","og_title":"Dissertation: Information and Communication Systems Security and Auditing Implementation in a public entity - ALL4INTEGRITY","og_description":"[Abstract] The increase in the production of digital information, the challenges to secure communication and&hellip;","og_url":"https:\/\/www.all4integrity.org\/en\/tech4integrity\/knowledge-center\/dissertation-information-and-communication-systems-security-and-auditing-implementation-in-a-public-entity\/","og_site_name":"ALL4INTEGRITY","article_publisher":"https:\/\/www.facebook.com\/all4integrity\/","article_modified_time":"2022-11-11T22:19:55+00:00","og_image":[{"url":"https:\/\/www.all4integrity.org\/wp-content\/uploads\/2022\/09\/UMA-Seguranca-e-Auditoria-em-Sistemas-de-Informacao-e-Comunicacao-Implementacao-numa-entidade-publica.jpg","type":"","width":"","height":""}],"twitter_card":"summary_large_image","twitter_site":"@All4Integrity","twitter_misc":{"Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.all4integrity.org\/en\/tech4integrity\/knowledge-center\/dissertation-information-and-communication-systems-security-and-auditing-implementation-in-a-public-entity\/","url":"https:\/\/www.all4integrity.org\/en\/tech4integrity\/knowledge-center\/dissertation-information-and-communication-systems-security-and-auditing-implementation-in-a-public-entity\/","name":"Dissertation: Information and Communication Systems Security and Auditing Implementation in a public entity - ALL4INTEGRITY","isPartOf":{"@id":"https:\/\/www.all4integrity.org\/en\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.all4integrity.org\/en\/tech4integrity\/knowledge-center\/dissertation-information-and-communication-systems-security-and-auditing-implementation-in-a-public-entity\/#primaryimage"},"image":{"@id":"https:\/\/www.all4integrity.org\/en\/tech4integrity\/knowledge-center\/dissertation-information-and-communication-systems-security-and-auditing-implementation-in-a-public-entity\/#primaryimage"},"thumbnailUrl":"https:\/\/www.all4integrity.org\/wp-content\/uploads\/2022\/09\/UMA-Seguranca-e-Auditoria-em-Sistemas-de-Informacao-e-Comunicacao-Implementacao-numa-entidade-publica.jpg","datePublished":"2022-09-12T15:48:16+00:00","dateModified":"2022-11-11T22:19:55+00:00","breadcrumb":{"@id":"https:\/\/www.all4integrity.org\/en\/tech4integrity\/knowledge-center\/dissertation-information-and-communication-systems-security-and-auditing-implementation-in-a-public-entity\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.all4integrity.org\/en\/tech4integrity\/knowledge-center\/dissertation-information-and-communication-systems-security-and-auditing-implementation-in-a-public-entity\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.all4integrity.org\/en\/tech4integrity\/knowledge-center\/dissertation-information-and-communication-systems-security-and-auditing-implementation-in-a-public-entity\/#primaryimage","url":"https:\/\/www.all4integrity.org\/wp-content\/uploads\/2022\/09\/UMA-Seguranca-e-Auditoria-em-Sistemas-de-Informacao-e-Comunicacao-Implementacao-numa-entidade-publica.jpg","contentUrl":"https:\/\/www.all4integrity.org\/wp-content\/uploads\/2022\/09\/UMA-Seguranca-e-Auditoria-em-Sistemas-de-Informacao-e-Comunicacao-Implementacao-numa-entidade-publica.jpg"},{"@type":"BreadcrumbList","@id":"https:\/\/www.all4integrity.org\/en\/tech4integrity\/knowledge-center\/dissertation-information-and-communication-systems-security-and-auditing-implementation-in-a-public-entity\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.all4integrity.org\/en\/"},{"@type":"ListItem","position":2,"name":"Dissertation: Information and Communication Systems Security and Auditing Implementation in a public entity"}]},{"@type":"WebSite","@id":"https:\/\/www.all4integrity.org\/en\/#website","url":"https:\/\/www.all4integrity.org\/en\/","name":"ALL4INTEGRITY","description":"Mobiliza\u00e7\u00e3o e Solu\u00e7\u00f5es contra a Corrup\u00e7\u00e3o","publisher":{"@id":"https:\/\/www.all4integrity.org\/en\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.all4integrity.org\/en\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.all4integrity.org\/en\/#organization","name":"All4Integrity","url":"https:\/\/www.all4integrity.org\/en\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.all4integrity.org\/en\/#\/schema\/logo\/image\/","url":"https:\/\/all4integrity.org\/wp-content\/uploads\/2022\/05\/logotipo-all4integrity-1.png","contentUrl":"https:\/\/all4integrity.org\/wp-content\/uploads\/2022\/05\/logotipo-all4integrity-1.png","width":600,"height":137,"caption":"All4Integrity"},"image":{"@id":"https:\/\/www.all4integrity.org\/en\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/all4integrity\/","https:\/\/x.com\/All4Integrity","https:\/\/www.instagram.com\/all_4_integrity\/","https:\/\/www.youtube.com\/channel\/UC03HJFKiaCStfIHFnfdRbvA","https:\/\/www.linkedin.com\/company\/associao-all4integrity\/"]}]}},"knowledge_base_info":[],"knowledge_base_slug":[],"_links":{"self":[{"href":"https:\/\/www.all4integrity.org\/en\/wp-json\/wp\/v2\/docs\/27044","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.all4integrity.org\/en\/wp-json\/wp\/v2\/docs"}],"about":[{"href":"https:\/\/www.all4integrity.org\/en\/wp-json\/wp\/v2\/types\/docs"}],"author":[{"embeddable":true,"href":"https:\/\/www.all4integrity.org\/en\/wp-json\/wp\/v2\/users\/98"}],"replies":[{"embeddable":true,"href":"https:\/\/www.all4integrity.org\/en\/wp-json\/wp\/v2\/comments?post=27044"}],"version-history":[{"count":0,"href":"https:\/\/www.all4integrity.org\/en\/wp-json\/wp\/v2\/docs\/27044\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.all4integrity.org\/en\/wp-json\/wp\/v2\/media?parent=27044"}],"wp:term":[{"taxonomy":"doc_category","embeddable":true,"href":"https:\/\/www.all4integrity.org\/en\/wp-json\/wp\/v2\/doc_category?post=27044"},{"taxonomy":"doc_tag","embeddable":true,"href":"https:\/\/www.all4integrity.org\/en\/wp-json\/wp\/v2\/doc_tag?post=27044"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}