Systems Audit for the Tourism Sector

Authors

  • Nestor Cuba
  • Rosario Pariona
  • Alex Pacheco
  • Elizabeth Mendoza
  • Consuelo Espino
  • Bertha Larico

Keywords:

Computer Audit, Tourism Sector, NTP-ISO / IEC 27001, NTP-ISO / IEC 12207: 2016, ISO / IEC 27004: 2016.

Abstract

It is essential to have a Systems Audit process to determine the conformity of the products, processes, plans, agreements and monitoring that may be generated in the Tourism Sector. The objective of the article is to describe a procedure to carry out computer audits, evaluate, determine the level of compliance with the processes and propose improvement actions. For this, we rely on observation sheets, survey format and checklist format of the Peruvian Technical Standard NTP ISO / IEC 27001: 2014, NTP ISO / IEC 12207: 2016 and ISO / IEC 27004:

  1. The results show that having a defined process saves management costs, identifies threats and reduces risks while safeguarding the integrity of the data. Highlighting the importance of improvement plans to prevent crime, increase the profitability of operations and scale the business strategy. Likewise, know the non- conformities of the processes so that through corrective and preventive actions they become compliant processes.

References

Alfonso, Y., Blanco, B., & Loy, L. (2012). Information Systems Audit of Financial Statements. Revista de Arquitectura e Ingeniería, 6(2), 1–14. https://www.redalyc.org/pdf/1939/193924743004.pdf

Arcentales-Fernández, D., & Caycedo-Casas, X. (2017). Auditoría informática: un enfoque efectivo. Dominio de Las Ciencias, 157–173. https://dx.doi.org/10.23857/dom.cien.pocaip.2017.3.mono1.ago.157-173

Blanco, L. (1982). La auditoria de los sistemas automatizados : una introduccion a su estudio. Economia y Desarrollo, 67(Mar-Abr), 20–45. https://biblat.unam.mx/es/revista/economia-y-desarrollo/articulo/la- auditoria-de-los-sistemas-automatizados-una-introduccion-a-su-estudio

Chicano, E. (2014). Auditoria de seguridad informática. IC Editorial.

International Organization for Standardization. (2016). Information technology - Security techniques - Information security management - Monitoring, measurement, analysis and Evaluation. (ISO/IEC 27004: 2016). https://www.iso.org/standard/64120.html

Mendoza, E., Espino, C., Rodriguez, C., & Pacheco, A. (2020). Software Testing of Information Systems in Peruvian Public Organizations. TEST Engineering & Management, 83(March-April), 13428–13433. https://testmagzine.biz/index.php/testmagzine/article/view/6045/4778

Mendoza, E., Rodriguez, C., & Esenarro, D. (2019). Configuration Management of Information Systems in Peruvian Goverment Organizations.

International Journal of Innovative Technology and Exploring Engineering (IJITEE), 8(12S2), 31–36.

https://doi.org/10.35940/ijitee.L1007.10812S219

Peruvian Technical Standard. (2018). Information Technology. Security techniques Information security management systems. Requirements 2nd. Edition. (NTP ISO/IEC 27001:2014).

https://cdn.www.gob.pe/uploads/document/file/357224/Resoluci%C3

%B3n_Ministerial_N__004-2016-PCM20190902-25578-19siyuu.pdf Peruvian Technical Standard. (2016). Systems and Software Engineering,

Software life cycle processes 3rd, Edition. (NTP ISO/IEC 12207:2016).

https://cdn.www.gob.pe/uploads/document/file/313911/Resoluci%C3%B3n_d e_Secretar%C3%ADa_General_N__020-2019- PRODUCESG20190515-27906-1x5ijoj.pdf

Proaño Escalante, R. A., Saguay Chafla, C. N., Jácome Canchig, S. B., & Sandoval Zambrano, F. (2017). Knowledge based systems as an aid in information systems audit. Enfoque UTE, 8(1), pp. 148-159. https://doi.org/10.29019/enfoqueute.v8n1.122

Tamayo, D. (2015). Modelo de Auditoría Informática orientada a procesos de seguridad en redes computacionales. [Tesis de Pregrado, Universidad Andina Néstor Cáceres Velásquez]. http://repositorio.uancv.edu.pe/handle/UANCV/475

Salgado, M. del C., Osuna, N., Caro, M., & Morales, J. (2017). La Auditoría Informática en las organizaciones. Revista Electrónica Sobre Cuerpos Académicos y Grupos de Investigación, 4(8), 1–14. https://www.cagi.org.mx/index.php/CAGI/article/view/165

Downloads

Published

2021-04-30

How to Cite

Cuba, N. ., Pariona, R. ., Pacheco, A. ., Mendoza, E. ., Espino, C. ., & Larico, B. . (2021). Systems Audit for the Tourism Sector. The Journal of Contemporary Issues in Business and Government, 27(2), 4624–4633. Retrieved from https://cibgp.com/au/index.php/1323-6903/article/view/1381

Issue

Vol. 27 No. 2 (2021): The journal of contemporary issues in business and government

Section

Articles

License

You are free to:

  1. Share — copy and redistribute the material in any medium or format for any purpose, even commercially.
  2. Adapt — remix, transform, and build upon the material for any purpose, even commercially.
  3. The licensor cannot revoke these freedoms as long as you follow the license terms.

Under the following terms:

  1. Attribution — You must give appropriate credit , provide a link to the license, and indicate if changes were made . You may do so in any reasonable manner, but not in any way that suggests the licensor endorses you or your use.
  2. No additional restrictions — You may not apply legal terms or technological measures that legally restrict others from doing anything the license permits.

Notices:

You do not have to comply with the license for elements of the material in the public domain or where your use is permitted by an applicable exception or limitation .

No warranties are given. The license may not give you all of the permissions necessary for your intended use. For example, other rights such as publicity, privacy, or moral rights may limit how you use the material.