Information Security Mechanisms in an Organisation: A Systematic Review

Abstract

Information is necessary in companies for the development of organisational strategies with solid foundations; any security breach can compromise the organisation's sensitive data and seriously damage it. Based on this, a systematic review has been carried out with the aim of pointing out those mechanisms developed for the protection of organisational information security that are very useful in a context in which digital tools are increasingly present when storing sensitive information, as well as classifying these mechanisms according to the information asset to be protected. The PRISMA methodology was used for the documentary search and research published in databases such as Scopus, Dialnet and SciELO was taken into account. Exclusion and inclusion criteria were applied, which reduced the results to 19 articles that will be used as an analysis tool. When interpreting the results, it was observed that there are mechanisms that, when applied, not only strengthen one aspect of the organisation, but also relate to other mechanisms. Finally, these results were identified within 3 layers corresponding to software, hardware and human capital of the organisations.