Implementation of an Information Security Management System to Improve the IT Security of an Agricultural Tool Manufacturing Company

Abstract

Cyber-attacks have been increasing in recent years, being this a problem for any type of company. This study aims to implement a system that aims to improve computer security in a company dedicated to the manufacture of agricultural tools to ensure the defense of the company's data and information. The methodology used is the PDCA Cycle, the choice of methodology will help the solution to the problem can be constantly improved. The methodology goes hand in hand with the ISO/IEC 27001 standard that establishes the requirements for the administration and continuous improvement of an Information Security Management System (ISMS). The result of the research showed that the ISMS has a positive influence on the company's information security, the main result being that reported cyber-attack incidents decreased to 1.33%, similarly resolved cyber-attack incidents increased by 72.20%, the percentage of compliance with security policies increased to 83.30%. In conclusion, the implementation of the system significantly improved its defensive measures against cyber-attacks, the adoption of clear policies and procedures, the company has strengthened its preparedness and response capacity to possible security incidents. © 2024 IEEE.