Proposal for an Information Security Management System for the Enrollment Process of a University

Abstract

The present study aims to implement acquired knowledge and apply it to enhance the enrollment process at a university. This initiative stems from various studies, including those focused on measuring risk prevention strategies, specifically in the enrollment domain, due to the increasing diversity of university course offerings. Consequently, the following objective is proposed: to suggest an Information Security Management System (ISMS) to improve the university enrollment process. To achieve this, the plan involves developing an ISMS using the PDCA methodology, which comprises four phases. Initially, it aims to identify the characteristics and indicators to establish the proposal. Subsequently, the focus shifts to maintaining and implementing problem-solving policies. In the third phase, results are evaluated, and finally, alternative improvements are proposed. All these steps align with the guidelines of ISO 27001:2013. As this is a proposal yet to be executed, the results are assessed using statistical software to compare correlations between the ISMS and the enrollment process, thus addressing the proposed hypotheses. It is found that a relationship exists between the variables and can be developed since one influence the other. This is evidenced by a Spearman's Rho coefficient of 0.474, indicating a moderate positive correlation, measured at a significance level less than 0.05. In conclusion, the analysis of various articles in this study has underscored the importance of developing an Information Security Management System in the university context, particularly in the enrollment process. This enables adaptation to change in security risks. © The Author(s), under exclusive license to Springer Nature Switzerland AG 2024.