Seguridad de la información en la institución universitaria

This paper analyses the security requirements deriving from the application of the General Data Protection Regulation. In addition to a brief description, it identifies the security risk factors that, in the author's opinion, concern the university institution. In this regard, in addition to the structural and functional complexity, there is an internal culture that significantly hinders the deployment of compliance and governance models.