Evaluación de riesgos de seguridad de la información y generación del plan de gestión de incidentes. Caso de estudio fondo para la protección del agua (FONAG).

Abstract

In a highly competitive market, the quality of a software product is crucial as it allows the developer organization to have an advantage over other organizations. However, implementing quality standards represents a significant challenge for novice developers due to various factors such as lack of knowledge of the standards and lack of experience. Additionally, the limited resources of novice developer teams can also be an obstacle to implementing quality standards, thus limiting the growth of these teams. This study presents the results of an experiment carried out with six teams of novice software developers to explore the impact of implementing the standard ISO/IEC TR 29110-5-1-2:2011 on both the software process and product quality. In the experiment, three teams used this standard to guide developing a software product, while the other three did not. All teams used the same scope and requirements specification for the development of the product. The results of the experiment provide evidence that there is a positive impact on the quality of both process and product when ISO/IEC TR 29110 -5-1-2:2011 is implemented in novice developer environments. The software process quality assessment conducted identified the strengths and weaknesses of the process in question. The performance of the controlled teams was superior to the performance of the non-controlled teams. Likewise, the results of the product quality assessment indicate a marked difference between the controlled and non-controlled teams.