Evaluasi Tingkat Kelayakan Sistem Informasi Akademik Perguruan Tinggi dengan Framework ISO/IEC 27001:2013

Andi Sofyan Anas, Muhammad Tajuddin, Ahmat Adil, Rifqi Hammad

Abstract


One university that has made use of information technology to provide high-quality services for students and the academic community as a whole is X University. Information Technology and Communication Center (PUSTIK), which is in charge of carrying out the creation, management, service, and upkeep of information and communication technology security, is in charge of overseeing this information technology service. Information security should be able to be maintained by effective IT governance. As a result, it's critical to assess information system security, particularly that of academic information systems. The ISO/IEC 27001:2013 standard is cited in Indeks Keamanan Informasi (KAMI), which is used in this information system security evaluation to assess the maturity level of information security. An assessment of five areas The Information Security Risk Management category receives the lowest score of 10 out of a possible 72 according to the KAMI Index. With a total score of 166, the KAMI Index dashboard results indicate that each area of information security maturity is at levels I and I+. This indicates that the ISO 27001:2013 standard's level of implementation completeness falls into the insufficient category.

Keywords


ISO/IEC 27001:2013, Evaluation, Security, Information

Full Text:

PDF

References


D. Darmawan and A. F. Wijaya, “Analisis dan Desain Tata Kelola

Teknologi Informasi Menggunakan Framework COBIT 2019 pada

PT. XYZ,” J. Comput. Inf. Syst. Ampera, vol. 3, no. 1, pp. 1–17, 2022.

E. R. Pratama, Suprapto, and A. R. Perdanakusuma, “Evaluasi Tata Kelola Sistem Keamanan Teknologi Informasi Menggunakan Indeks KAMI dan ISO 27001: Studi Kasus KOMINFO Provinsi Jawa Timur,” J. Pengemb. Teknol. Inf. dan Ilmu Komput., vol. 2, no. 11, pp. 5911–5920, 2018, [Online]. Available: http://j-ptiik.ub.ac.id/index.php/j-ptiik/article/view/3465

S. Aminah, M. Ula, and M. Ula, “Pengukuran Tingkat Kemampuan (Capability Level) Tata Kelola Teknologi Informasi Pada Perpustakaan Universitas Malikussaleh Menggunakan Framework Cobit 5 Domain Apo (Align, Plan and Organize),” Sisfo J. Ilm. Sist. Inf., vol. 4, no. 2, 2020.

R. Sarno and I. Iffano, Sistem Manajemen Keamanan Informasi. Surabaya: ITS Press, 2009.

N. Arman, W. Hayuhardhika, and A. Rachmadi, “Evaluasi Keamanan Informasi pada Dinas Komunikasi dan Informatika Kabupaten Sidoarjo menggunakan Indeks Keamanan Informasi (KAMI),” Pengemb. Teknol. Inf. dan Ilmu Komput., vol. 3, no. 6, pp. 5750–5755, 2019.

A. S. Anas, I. G. A. S. D. G. Utami, A. B. Maulachela, and A. Juliansyah, “KAMI index as an evaluation of academic information system security at XYZ university,” Matrix J. Manaj. Teknol. dan Inform., vol. 11, no. 2, pp. 55–62, 2021, doi: 10.31940/matrix.v11i2.2447.

G. I. Belo, L. H. Atrinawati, Y. T. Wiranti, and others, “Perancangan Tata Kelola Teknologi Informasi Menggunakan Cobit 2019 Pada PT Telekomunikasi Indonesia Regional VI Kalimantan,” J. Sist. Inf. dan Ilmu Komput. Prima (JUSIKOM PRIMA), vol. 4, no. 1, pp. 23–30, 2020.

S. C. A. Kumape, “Perancangan Tata Kelola Teknologi Informasi Menggunakan Cobit 2019 Pada PT. X,” JATISI (Jurnal Tek. Inform. dan Sist. Informasi), vol. 9, no. 2, pp. 1568–1580, 2022.

L. Dachliyani, S. Sos, and others, “Instrumen yang sahih: sebagai alat ukur keberhasilan suatu evaluasi program diklat (evaluasi pembelajaran),” MADIKA Media Inf. dan Komun. Diklat Kepustakawanan, vol. 5, no. 1, pp. 57–65, 2019.

Kominfo, “Panduan Penerapan SMKI Berbasis Indeks KAMI,” no. September, 2017.

S. N. Indonesia and B. S. Nasional, “Teknologi informasi – Teknik keamanan – Sistem manajemen keamanan informasi – Persyaratan,” 2009.

B. Panjaitan, L. Abdurrahman, and R. Mulyana, “Pengembangan Implementasi Sistem Manajemen Keamanan Informasi Berbasis Iso 27001: 2013 Menggunakan Kontrol Annex: Studi Kasus: Data Center Pt. Xyz,” eProceedings Eng., vol. 8, no. 2, 2021.

M. Amirinnisa, R. Bisma, S. Kom, and M. Kom, “Analysis of Information Security Risk Assessment Based on Iso 27005 for Preparation for Iso 27001 Certification in The Government of Madiun City,” J. Emerg. Inf. Syst. Bus. Intell., vol. 4, no. 4, pp. 47–58, 2023.

I. W. Wulandari and H. Hwihanus, “Peran Sistem Informasi Akuntansi Dalam Pengaplikasian Enkripsi Terhadap Peningkatan Keamanan Perusahaan,” J. Kaji. dan Penal. Ilmu Manaj., vol. 1, no. 1, pp. 11–25, 2023.

M. Tajuddin, N. Agustiarini, and A. S. Anas, Sistem Informasi Manajemen Pendekatan Konsep dan Implementasi. Media Nusa Creative (MNC Publishing), 2023.

M. D. Ria and A. Budiman, “Perancangan sistem informasi tata kelola teknologi informasi perpustakaan,” J. Inform. dan Rekayasa Perangkat Lunak, vol. 2, no. 1, pp. 122–133, 2021.




DOI: https://doi.org/10.31284/p.snestik.2024.5859

Refbacks

  • There are currently no refbacks.


Copyright (c) 2024 Andi Sofyan Anas, Muhammad Tajuddin, Ahmat Adil, Rifqi Hammad

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.