Treatment of Findings in Computer Auditing in Public Organizations
Abstract
It is important to have a well-defined process on the findings found in the internal and external audits of the Management Systems of Peruvian organizations, to identify, investigate, and eliminate the causes of non-conformities that may arise in the organizations of the Peruvian state. The objective of this article is to describe the importance of the Process of Treatment of Findings of the Computer Audits, where it establishes guidelines for corrective actions, observations and opportunities for improvement, for this we trust the Peruvian Technical Standard 122017: 2016 “Software and Systems Engineering. Software life cycle processes” and the Peruvian Technical Standard NTP-ISO / IEC 27001 information technology. An important part of the proposal is the definition of roles and responsibilities, the activities of each sub-process and the use of control templates.