Religación

Auditing and Blockchain: Opportunities and limitations

Jeniffer Elizabeth Tarco Vintimilla — 2025-11-27

This paper establishes the opportunities and limitations presented by the use of blockchain technology in the auditor's work. The objective is to analyze the opportunities and limitations offered by blockchain technology in the field of auditing, considering theoretical advances and applications.The methodology employed is a qualitative approach, based on the content study of eight significant research papers published between 2017 and 2024. The main results show that, for the auditor, there are both benefits and limitations to its use. There are also drawbacks such as the complexity of technology, incompatibility with traditional processes, uncertainty in information validation, and regulatory challenges. In conclusion, for blockchain technology to be highly useful in the auditor's work, several technical, operational, and regulatory developments are necessary to enhance its application and importance in the audit field.

Design of an Information Security System Applied to the ICT Area of the Municipal GAD of Santa Rosa

Jorge Luis González Crespin — 2025-11-27

The protection of information has become a critical challenge for public institutions due to the increasing complexity of cyber threats and the need to safeguard essential technological assets. This research aims to design an Information Security Management System for the Information and Communication Technologies area of the municipal institution of Santa Rosa, located in the province of El Oro, Ecuador. The proposal is based on the guidelines of the ISO/IEC 27001:2022 standard and integrates the MAGERIT methodology together with the Plan–Do–Check–Act (PDCA) cycle to diagnose the current security conditions, identify risks and vulnerabilities, and determine opportunities for improvement in institutional information management. The analysis made it possible to establish controls and policies that reinforce data confidentiality, integrity, and availability while improving the efficiency of technological processes. The findings conclude that the proposed system contributes to the development of an organizational culture oriented toward cybersecurity and continuous improvement, ensuring stronger information protection and supporting the operational continuity of municipal services

Sustainability as a key factor in bakery sector startups

Emma Yolanda Mendoza Vargas — 2025-11-27

Small and medium-sized enterprises (SMEs) play a crucial role in countries as they generate employment, contribute to production development, and provide societal benefits. Businesses typically emerge through small ventures, which, from a sustainable perspective, should be capable of creating a positive impact economically, politically, socially, and environmentally to ensure their sustainability. The main objective of this research is to determine the level of sustainability of entrepreneurial ventures in the pastry sector in the city of Quevedo. The study is framed within a descriptive and field research approach, adopting the deductive method as a logical reasoning strategy. A survey was used as the data collection instrument, applied to a total of 30 entrepreneurs through a non-probabilistic sampling technique. The data was collected electronically and processed using Google Forms tools. The sustainability level, according to the analyzed dimensions, is low. From a social perspective, while employment is generated, there are no motivation and reward strategies, and evidence suggests that some employees are not insured and work on a daily basis. In the environmental dimension, although there are initiatives for water and energy conservation, they are primarily aimed at reducing service costs rather than preserving resources. There are no clearly defined strategies within the processes to ensure environmental care. Finally, regarding the economic dimension, most entrepreneurs do not maintain accounting records, and although they claim to be profitable, it is impossible to verify this without an actual financial overview of income and expenses.

Effectiveness of virtual reality exposure therapy for treating acrophobia: a systematic review

Karen Gabriela Leon Polo — 2025-11-26

Acrophobia is a specific phobia characterized by an extreme and irrational fear of heights, which significantly affects the quality of life of those who suffer from it. Although exposure-based Cognitive Behavioral Therapy (CBT) has proven effective, it has several practical limitations. In this context, Virtual Reality Exposure Therapy (VRET) has emerged as an innovative alternative. The objective of this systematic review is to describe the efficacy of VRET in the treatment of acrophobia. Following the PRISMA guidelines, a search was conducted in Scopus, Ovid Medline, PubMed, and Cochrane. Study selection was performed using the Rayyan platform, and methodological quality was assessed according to the CASPe guidelines. Five randomized controlled trials that met the inclusion criteria were selected, demonstrating that VRET is effective in the treatment of acrophobia. The findings show that this virtual format significantly reduces anxiety levels and allows for progressive, controlled, safe, adaptable, and lower-cost exposure. In conclusion, although VRET follows CBT guidelines, the virtual environment enables an immersive experience that generates a controlled memory resource, facilitating tolerance and overcoming of fear.

Information Security Maturity Model for Integrated Irrigation and Drainage Management Systems

Jennifer Jomaira Loayza Castro — 2025-11-26

In a global context of increasing digitalization, the protection of personal data and the secure management of information have become fundamental pillars to ensure public trust, institutional transparency, and regulatory compliance. In Ecuador, the implementation of the Organic Law on Personal Data Protection (LOPDP, 2021) still faces limitations in its practical application, particularly within Decentralized Autonomous Governments (GADs), where information systems lack comprehensive information security management frameworks. In response to this issue, the present research aimed to design a maturity model applied to information security management for the Integrated Irrigation and Drainage Management System of the Provincial GAD of El Oro, aligned with the LOPDP, ISO/IEC 27001:2022, and the Governmental Information Security Scheme (EGSI), version 3. The study integrated the Capability Maturity Model Integration (CMMI) framework and adopted a cross-sectional research design, allowing for the analysis of a geographically and systematically delimited sample of 12 participants over a defined period. A mixed-methods approach was employed using three instruments: first, a checklist based on the ISO/IEC 27001:2022 controls; second, a survey administered to technical and administrative personnel; and third, interviews conducted with professionals according to their profiles. The results revealed a low level of compliance and awareness of the LOPDP (corresponding to levels 1 and 2 of the CMMI reference model), characterized by an incipient initial stage in the implementation of an EGSI, a lack of methodological documentation, and a scarcity of institutional policies that comprehensively govern information security. Additionally, there was an absence of institutional training and awareness programs, as well as deficiencies in access control, risk management, incident response, and staff training. These findings reflect a limited articulation among the LOPDP, EGSI v3, CMMI, and internal institutional processes. In this regard, the study identifies key weaknesses within the irrigation system and highlights the institution’s recent adoption of the LOPDP framework. The proposed model is intended to serve as a strategic tool to enhance information security management within the institution, addressing technical, legal, and administrative aspects that promote data confidentiality, integrity, and availability. Moreover, it provides a methodological contribution that can be replicated in other institutional information systems. Finally, it opens avenues for future research aimed at assessing the maturity levels of information systems, promoting alternatives for EGSI implementation across GADs, and fostering the development of studies or audits related to public cybersecurity management.