Conceção de um serviço integrado de avaliação da gestão e proteção de dados
Autor(a) principal: | |
---|---|
Data de Publicação: | 2020 |
Tipo de documento: | Dissertação |
Idioma: | por |
Título da fonte: | Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) |
Texto Completo: | https://hdl.handle.net/10216/129883 |
Resumo: | The recently published General Data Protection Regulation (GDPR) launched new challenges for information systems, for either software houses and users companies using those same information systems. The protection of data owners is a fundamental right of individuals and now with a legal frame at European level duly adjusted. This dissertation studies the challenges that the GDPR raised on the management information systems commonly operating in the organizations and proposes some answers. The method is the case analysis of the Sistrade® MIS | ERP in its various modules: Administrative & Financial, Commercial & Budget Management, Production Management, Stock & Purchasing Management, and WEB Management Solutions. Initially, the assessment is carried out by identifying processes in each of the modules and mapping the data processings performed. Follows an assessment of the risk each of those data processings poses to the protection of personal data, conducing to a global impact assessment of the several modules in the system. Subsequently, and working from the weaknesses identified in the system, some suggestions are made in order to mitigate the risks of data breaches. An audit process is also specified in which some questions are raised in relation to the data processings carried out, and some report models are suggested that may help to the compliance of the system's own implementations. In summary, this dissertation allowed an analysis of data protection in Sistrade® MIS | ERP, and giving some hints for the fulfillment of the new requirements of the GDPR. |
id |
RCAP_5bc90ca554acaad9d11e8387f991f590 |
---|---|
oai_identifier_str |
oai:repositorio-aberto.up.pt:10216/129883 |
network_acronym_str |
RCAP |
network_name_str |
Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) |
repository_id_str |
7160 |
spelling |
Conceção de um serviço integrado de avaliação da gestão e proteção de dadosCiências da comunicaçãoMedia and communicationsThe recently published General Data Protection Regulation (GDPR) launched new challenges for information systems, for either software houses and users companies using those same information systems. The protection of data owners is a fundamental right of individuals and now with a legal frame at European level duly adjusted. This dissertation studies the challenges that the GDPR raised on the management information systems commonly operating in the organizations and proposes some answers. The method is the case analysis of the Sistrade® MIS | ERP in its various modules: Administrative & Financial, Commercial & Budget Management, Production Management, Stock & Purchasing Management, and WEB Management Solutions. Initially, the assessment is carried out by identifying processes in each of the modules and mapping the data processings performed. Follows an assessment of the risk each of those data processings poses to the protection of personal data, conducing to a global impact assessment of the several modules in the system. Subsequently, and working from the weaknesses identified in the system, some suggestions are made in order to mitigate the risks of data breaches. An audit process is also specified in which some questions are raised in relation to the data processings carried out, and some report models are suggested that may help to the compliance of the system's own implementations. In summary, this dissertation allowed an analysis of data protection in Sistrade® MIS | ERP, and giving some hints for the fulfillment of the new requirements of the GDPR.2020-10-202020-10-20T00:00:00Zinfo:eu-repo/semantics/publishedVersioninfo:eu-repo/semantics/masterThesisapplication/pdfhttps://hdl.handle.net/10216/129883TID:202591832porJosé António Casanova Monteiroinfo:eu-repo/semantics/openAccessreponame:Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)instname:Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informaçãoinstacron:RCAAP2023-11-29T15:38:05Zoai:repositorio-aberto.up.pt:10216/129883Portal AgregadorONGhttps://www.rcaap.pt/oai/openaireopendoar:71602024-03-20T00:28:20.609162Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) - Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informaçãofalse |
dc.title.none.fl_str_mv |
Conceção de um serviço integrado de avaliação da gestão e proteção de dados |
title |
Conceção de um serviço integrado de avaliação da gestão e proteção de dados |
spellingShingle |
Conceção de um serviço integrado de avaliação da gestão e proteção de dados José António Casanova Monteiro Ciências da comunicação Media and communications |
title_short |
Conceção de um serviço integrado de avaliação da gestão e proteção de dados |
title_full |
Conceção de um serviço integrado de avaliação da gestão e proteção de dados |
title_fullStr |
Conceção de um serviço integrado de avaliação da gestão e proteção de dados |
title_full_unstemmed |
Conceção de um serviço integrado de avaliação da gestão e proteção de dados |
title_sort |
Conceção de um serviço integrado de avaliação da gestão e proteção de dados |
author |
José António Casanova Monteiro |
author_facet |
José António Casanova Monteiro |
author_role |
author |
dc.contributor.author.fl_str_mv |
José António Casanova Monteiro |
dc.subject.por.fl_str_mv |
Ciências da comunicação Media and communications |
topic |
Ciências da comunicação Media and communications |
description |
The recently published General Data Protection Regulation (GDPR) launched new challenges for information systems, for either software houses and users companies using those same information systems. The protection of data owners is a fundamental right of individuals and now with a legal frame at European level duly adjusted. This dissertation studies the challenges that the GDPR raised on the management information systems commonly operating in the organizations and proposes some answers. The method is the case analysis of the Sistrade® MIS | ERP in its various modules: Administrative & Financial, Commercial & Budget Management, Production Management, Stock & Purchasing Management, and WEB Management Solutions. Initially, the assessment is carried out by identifying processes in each of the modules and mapping the data processings performed. Follows an assessment of the risk each of those data processings poses to the protection of personal data, conducing to a global impact assessment of the several modules in the system. Subsequently, and working from the weaknesses identified in the system, some suggestions are made in order to mitigate the risks of data breaches. An audit process is also specified in which some questions are raised in relation to the data processings carried out, and some report models are suggested that may help to the compliance of the system's own implementations. In summary, this dissertation allowed an analysis of data protection in Sistrade® MIS | ERP, and giving some hints for the fulfillment of the new requirements of the GDPR. |
publishDate |
2020 |
dc.date.none.fl_str_mv |
2020-10-20 2020-10-20T00:00:00Z |
dc.type.status.fl_str_mv |
info:eu-repo/semantics/publishedVersion |
dc.type.driver.fl_str_mv |
info:eu-repo/semantics/masterThesis |
format |
masterThesis |
status_str |
publishedVersion |
dc.identifier.uri.fl_str_mv |
https://hdl.handle.net/10216/129883 TID:202591832 |
url |
https://hdl.handle.net/10216/129883 |
identifier_str_mv |
TID:202591832 |
dc.language.iso.fl_str_mv |
por |
language |
por |
dc.rights.driver.fl_str_mv |
info:eu-repo/semantics/openAccess |
eu_rights_str_mv |
openAccess |
dc.format.none.fl_str_mv |
application/pdf |
dc.source.none.fl_str_mv |
reponame:Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) instname:Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informação instacron:RCAAP |
instname_str |
Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informação |
instacron_str |
RCAAP |
institution |
RCAAP |
reponame_str |
Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) |
collection |
Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) |
repository.name.fl_str_mv |
Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) - Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informação |
repository.mail.fl_str_mv |
|
_version_ |
1799136195079307264 |