Contact
Result of the resolution: Economic sanction
Infraction of security measures within the framework of an internal audit conducted by the Foundation: 1) in the process of assigning new passwords, it was not guaranteed that credentials were under the exclusive control of users, as in the first entry the system did not force change by the user. 2) This also meant that it could not be guaranteed to know in an undoubted way what, who and when he performed a certain amount of work in the computer system. This lack of security was particularly apparent when auditors created new "ex novo" credentials for the system technician, and with these new credentials they accessed their work team in order to avoid risks in the system.