El libro ofrece una descripción detallada de los principales aspectos a tener en cuenta al definir e implantar un Sistema de Gestión de la Seguridad de la Información en cualquier tipo de organización, prestando atención al análisis y gestión de riesgos, a la definición e implantación de políticas, planes y procedimientos de seguridad, y a la problemática específica de la estricta normativa en materia de protección de datos personal (Description in English below). El libro pretende comunicar los principales problemas a considerar y las soluciones que se podrían implantar para abordad la Gestión de la Seguridad de la Información en cualquier organización. Description in English: This work offers a detailed description of the main aspects that should be taken into account when defining and implementing an Information Security Management System in any type of organization, paying special attention to risk analysis and management, to the definition and implementation of security policies, plans and procedures, and the specific problems of the strict regulations on the protection of personal data in force in Spain (LOPD).Likewise, it analyzes the problems of security in the Internet connection and the main types of threats and intruders in computer networks, as well as the problems caused by cases of scams and "phishing" on the Internet. The basic characteristics of cryptographic solutions and the use of electronic signatures to improve transaction security are also presented.With all this, the intention is to transmit to the reader what are the main problems to consider and the solutions that could be implemented to deal with Information Security Management in any type of organization.