AUDIT KEAMANAN SISTEM INFORMASI DI DINAS XYZ PROVINSI LAMPUNG MENGGUNAKAN STANDAR ISO/IEC 27001:2013
Main Article Content
Abstract
Audit of Information security system in the Communication and Information department is needed to determine the extent of information system carried out. This reasearch uses the ISO/ IEC 27001: 2013. Data from this reasearch were obtained based on the result of interview, observation and questionnaire. The respondent conducted a self assessment, then the researcher observe. The results of this study indicate that the average maturity level of the respondent is at level 2 (repeatable) with a value of 2.13 and the average maturity level of the finding is level 2 (repeatable) with a value of 2.40. The difference between the respondent value and the finding value show that in the sub domain information security incident management. This difference occur due to the absence of existing SOP procedure and criteria. Overall, there is no policy in developing the system through a process of security testing.
Article Details
This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.
References
Ibrachim, N. e. 2012. Bakuan Audit Keamanan Informasi Kemenpora.Indonesia: Kementrian Pemuda dan Olahraga.
Mufadhol. 2009. Kerahasiaan dan Keutuhan Keamanan Data dalam menjaga Integritas dan Keberadaan Informasi Data (Vol.6). Jurnal Transformatika , 50-62.
Sarno, R. dan Iffano, I. 2009. Sistem Manajemen Keamanan Informasi. Surabaya: ITS Press.
Syafrizal, M. 2007. ISO 17799. Standar Sistem Manajemen Keamanan Sistem Informasi, Seminar Nasional Teknologi 2007 (STN 2007).
Whitman, M. E. dan Mattord, H. J. 2016. Manajemen of Information Sequrity (5th ed). Boston: Course Technology.