Analisis Manajemen Keamanan Informasi Menggunakan Standard ISO 27001:2005 Pada Staff IT Support Di Instansi XYZ

Titus Kristanto, Mohammad Sholik, Dewi Rahmawati, Muhammad Nasrullah

Abstract


Information security management is very important to use, especially for educational instutions, because it is able to reduce the risk of threats to the use of information technology for educational organizations. Information security management is indispensable as an effort to minimize the risk of data enhancement and information threats. Implementation of information security management is intended to know technical problems and non technical problems. The research uses the ISO 27001:2005 standard is very flexible depending on the needs of the organization and focus on information security management. The research results using the ISO 27001:2005 standard is able to reduce the risk level and perform some activities that must be improved to improve information security at XYZ institutions.


Keywords


ISO 27001:2005 Standard; Information Security Management; IT Support

Full Text:

PDF

References


T. Kristanto, R. Arief, and N. F. Rozi, “Perancangan Audit Keamanan Informasi Berdasarkan Standar ISO 27001:2005 (Studi Kasus : PT Adira Dinamika Multi Finance),” in Seminar Nasional Sistem Informasi Infonesia (SESINDO) 2014, 2014.

M. Sidik, Ade Iriani, and Sri Yulianto, “Audit Manajemen Keamanan Teknologi Informasi Menggunakan Standar ISO 27001:2005 Di Perguruan Tinggi XYZ,” Sitech J. Sist. Inf. dan Teknol., vol. 1, no. 2, pp. 1–6, 2018.

N. Sulistiyowati, “Evaluasi Keamanan Informasi Berbasis ISO 27001 Pada Dinas Pengelolaan Pendapatan Keuangan Dan Aset Daerah Kabupaten Karawang,” Syntax J. Inform., vol. 4, no. 2, 2015.

C. Chazar, “Standar Manajemen Keamanan Informasi Berbasis ISO/IEC 27001: 2005,” J. Inf., vol. VII, no. 2, pp. 48–57, 2015.

H. Anom Suseyto Aji Nugroho, W. W. Winarno, and Sudarmawan, “Metode Silogisme AND Untuk Validitas Jawaban Dari Responden Dalam Analisis Maturity Level Keamanan Informasi Berbasis SNI ISO 27001 : 2013 Pada Dinas Kependudukan Dan Pencatatan Sipil Kota XYZ,” J. Transform. Inf. dan Pengemb. IPTEK, vol. 14, no. 2, pp. 167–177, 2018.

S. Kramer and J. C. Bradfield, “A General Definition of Malware,” J. Comput. Virol., vol. 6, no. 2, pp. 105–114, 2010.

D. R. Septani, N. Widiyasono, and H. Mubarok, “Investigasi Serangan Malware Njrat Pada PC,” JEPIN J. Edukasi dan Penelit. Inform., vol. 2, no. 24, pp. 123–128, 2016.

T. A. Cahyanto, V. Wahanggara, and D. Ramadana, “Analisis dan Deteksi Malware Menggunakan Metode Malware Analisis Dinamis dan Malware Analisis Statis,” Justindo J. Sist. dan Teknol. Inf. Indones., vol. 2, no. 1, pp. 19–30, 2017.

A. Tedyyana and Supria, “Perancangan Sistem Pendeteksi Dan Pencegahan Penyebaran Malware Melalui SMS Gateway,” J. Inovtek Polbeng - Seri Inform., vol. 3, no. 1, pp. 34–40, 2018.

IT Governance Ltd, “Information Security and ISO 27001 : An Introduction,” in IT Governance Green Paper, 2018, pp. 1–10.

F. Ermana, H. Tanuwijaya, and I. A. Mastan, “Audit Keamanan Sistem Informasi Berdasarkan Standar ISO 27001 Pada PT. BPR JATIM,” JSIKA J. Sist. Inf. dan Komput. Akunt., vol. 1, no. 1, pp. 1–8, 2012.

R. Atmajaya, H. Tanuwijaya, and E. Sutomo, “Audit Keamanan Sistem Informasi Pada Bagian SIMDA Berdasarkan Standart ISO 27002:2005 Di Dinas Pendapatan Dan Pengelolaan Keuangan Daerah Kabupaten Lombok Barat,” JSIKA J. Sist. Inf. dan Komput. Akunt., vol. 5, no. 7, pp. 1–6, 2016.

R. Sarno and I. Iffano, “Sistem Manajemen Keamanan Informasi : Teori, Perancangan, dan Implementasi Berbasis ISO 27001,” 2009. .

Rosmiati and I. Riadi, “Analisis Keamanan Informasi Berdasarkan Kebutuhan Teknikal Dan Operasional Mengkombinasikan Standar ISO 27001:2005 Dengan Maturity Level (Studi Kasus Kantor Biro Teknologi Informasi PT. XYZ),” in Seminar Nasional Teknologi Informasi Dan Multimedia 2016, 2016, pp. 1.1-1 s/d 1.1-6.

J. G. A. Ascanio, R. A. B. Trillos, and D. W. R. Bautista, “Implantación de un sistema de gestión de seguridad de información bajo la ISO 27001: análisis del riesgo de la información,” Tecnura, vol. 19, no. 46, pp. 123–134, 2015.

И. Л. М, Б. Е. К, Е. И. Э, and З. С. И, “Расчет рисков информационной безопасности телекоммуникационного предприятия Calculation of risks of information security of telecommunication enterprise,” Cyber Leninka, vol. 22, no. 2, pp. 61–70, 2018.

A. Budiman, L. S. Wahyuni, and S. Bantun, “Perancangan Sistem Informasi Pencarian Dan Pemesanan Rumah Kos Berbasis Web (Studi Kasus : Kota Bandar Lampung),” Tekno Kompak, vol. 13, no. 2, pp. 24–30, 2019.

M. Bakri and N. Irmayana, “Analisis Dan Penerapan Sistem Manajemen Keamanan Informasi SIMHP BPKP Menggunakan Standar ISO 27001,” Tekno Kompak, vol. 11, no. 2, p. 41, 2017.




DOI: https://doi.org/10.31326/jisa.v2i2.497

Refbacks

  • There are currently no refbacks.


Copyright (c) 2019 Titus Kristanto, Mohammad Sholik, Dewi Rahmawati, Muhammad Nasrullah

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.

JOURNAL IDENTITY

Journal Name: JISA (Jurnal Informatika dan Sains)
e-ISSN: 2614-8404, p-ISSN: 2776-3234
Publisher: Program Studi Teknik Informatika Universitas Trilogi
Publication Schedule: June and December 
Language: Indonesia & English
APC: The Journal Charges Fees for Publishing 
IndexingEBSCODOAJGoogle ScholarArsip Relawan Jurnal IndonesiaDirectory of Research Journals Indexing, Index Copernicus International, PKP IndexScience and Technology Index (SINTA, S4) , Garuda Index
OAI addresshttp://trilogi.ac.id/journal/ks/index.php/JISA/oai
Contactjisa@trilogi.ac.id
Sponsored by: DOI – Digital Object Identifier Crossref, Universitas Trilogi

In Collaboration With: Indonesian Artificial Intelligent Ecosystem(IAIE), Relawan Jurnal IndonesiaJurnal Teknologi dan Sistem Komputer (JTSiskom)

 

 

JISA (Jurnal Informatika dan Sains) is Published by Program Studi Teknik Informatika, Universitas Trilogi under Creative Commons Attribution-ShareAlike 4.0 International License.