Servicios Personalizados
Revista
Articulo
Indicadores
Citado por SciELO
Accesos
Links relacionados
Citado por Google
Similares en SciELO
Similares en Google
Compartir
Revista Facultad de Ingeniería Universidad de Antioquia
versión impresa ISSN 0120-6230versión On-line ISSN 2357-53280
Resumen
SATIZABAL-ECHAVARRIA, Isabel Cristina y ACEVEDO-QUINTANA, Nancy María. MePRiSIA: risk prevention methodology for academic information systems. Rev.fac.ing.univ. Antioquia [online]. 2018, n.89, pp.81-101. ISSN 0120-6230. https://doi.org/10.17533/udea.redin.n89a11.
Information of academic systems can be stolen, modified or erased by attackers, causing losses to institutions. Applying a risk prevention methodology at educational institutions would help to avoid academic information misuse by users or attackers. MePRiSIA was designed as a risk prevention methodology to be simple and easy to understand while including the human factor in each step. This methodology has four steps to be considered in the process: setting the context, risk identification, risk analysis, and risk prevention. After being applied to the academic information system of Universidad de Pamplona (Colombia) called ACADEMUSOFT, MePRiSIA was evaluated by experts. In conclusion, after applying MePRiSIA to ACADEMUSOFT, the human factor was part of its most important assets and involved in the very high-level risks identified. According to the experts, implementation of MePRiSIA is hard when institution directors do not provide staff and financial resources for this purpose.
Palabras clave : Educational information systems; information management; information systems evaluation; methodology; risk assessment.