Digital tool to optimize audits based on the ISO/IEC 27001:2022 standard
Gespeichert in:
| Titel: | Digital tool to optimize audits based on the ISO/IEC 27001:2022 standard |
|---|---|
| Autoren: | Sebastian Buesaco, Alejandro Alcaraz Gaviria, Juan José Caiza Narváez, Katerine Marceles Villalba, Siler Amador Donado |
| Quelle: | Revista Colombiana de Tecnologías de Avanzada, Vol 2, Iss 46, Pp 209-216 (2025) |
| Verlagsinformationen: | Universidad de Pamplona, 2025. |
| Publikationsjahr: | 2025 |
| Bestand: | LCC:Technology (General) |
| Schlagwörter: | iso/iec 27001, information security, audit tool, agile development, owasp zap, tam model, secure development, cybersecurity, Technology (General), T1-995 |
| Beschreibung: | This article presents an applied research study focused on the design, development, and validation of SECUREISO, a digital tool aimed at optimizing audit processes in information security management systems aligned with the ISO/IEC 27001:2022 standard. The study employed an agile methodological framework (Scrum), combining secure development practices with empirical validation techniques, including automated penetration testing using OWASP ZAP and the Technology Acceptance Model (TAM). Results demonstrate levels of usability, perceived usefulness, and operational efficiency. Furthermore, its flexible and scalable architecture enables adaptation to diverse sectors. This work contributes to the cybersecurity field by offering a replicable, research-based solution that enhances standard implementation and opens new avenues for investigation in automated digital auditing. |
| Publikationsart: | article |
| Dateibeschreibung: | electronic resource |
| Sprache: | English Spanish; Castilian |
| ISSN: | 1692-7257 2500-8625 |
| Relation: | https://ojs.unipamplona.edu.co/index.php/rcta/es/article/view/4111/8275; https://doaj.org/toc/1692-7257; https://doaj.org/toc/2500-8625 |
| DOI: | 10.24054/rcta.v2i46.4111 |
| Zugangs-URL: | https://doaj.org/article/52f165999fc64d02b88431f11d21576c |
| Dokumentencode: | edsdoj.52f165999fc64d02b88431f11d21576c |
| Datenbank: | Directory of Open Access Journals |
Nájsť tento článok vo Web of Science | Abstract: | This article presents an applied research study focused on the design, development, and validation of SECUREISO, a digital tool aimed at optimizing audit processes in information security management systems aligned with the ISO/IEC 27001:2022 standard. The study employed an agile methodological framework (Scrum), combining secure development practices with empirical validation techniques, including automated penetration testing using OWASP ZAP and the Technology Acceptance Model (TAM). Results demonstrate levels of usability, perceived usefulness, and operational efficiency. Furthermore, its flexible and scalable architecture enables adaptation to diverse sectors. This work contributes to the cybersecurity field by offering a replicable, research-based solution that enhances standard implementation and opens new avenues for investigation in automated digital auditing. |
|---|---|
| ISSN: | 16927257 25008625 |
| DOI: | 10.24054/rcta.v2i46.4111 |