BibTex Citation Data :
@article{JSINBIS11239, author = {Yuni Yuze and Yudi Priyadi and Candiwan Candiwan}, title = {Analisis Sistem Manajemen Keamanan Informasi Menggunakan ISO/IEC 27001 : 2013 Serta Rekomendasi Model Sistem Menggunakan Data Flow Diagram pada Direktorat Sistem Informasi Perguruan Tinggi}, journal = {Jurnal Sistem Informasi Bisnis}, volume = {6}, number = {1}, year = {2016}, keywords = {Analysis Information Security; ISO/IEC 27001 : 2013; Maturity Level; SSE-CMM; CD/DFD}, abstract = { The importance of information and the possible risk of disruption, therefore the universities need to designed and implemented of the information security. One of the standards that can be used to analyze the level of information security in the organization is ISO/IEC 27001 : 2013 and this standard has been prepared to provide requirements for establishing, implementing, maintaining and continually improving an information security management system. The objective of this research is to measure the level of information security based on standard ISO/IEC 27001: 2013 and modeling systems for information security management. This research uses descriptive qualitative approach, data collection and validation techniques with tringulasi (interview, observation and documentation). Data was analyzed using gap analysis and to measure the level of maturity this research uses SSE-CMM (Systems Security Engineering Capability Maturity Model). Based on the research results, Maturity level clause Information Security Policy reaches level 1 (Performed-Informally), clause Asset Management reaches level 3 (Well-Defined), clause Access Control reaches level 3 (Well-Defined), clause Physical and Environmental Security reaches level 3 (Well-Defined), clause Operational Security reaches level 3 (Well-Defined), Communication Security clause reaches the level 2 (Planned and Tracked). Based on the results of maturity level discovery of some weakness in asset management in implementing the policy. Therefore, the modeling system using the flow map and CD / DFD focused on Asset Management System. }, issn = {2502-2377}, pages = {38--45} doi = {10.21456/vol6iss1pp38-45}, url = {https://ejournal.undip.ac.id/index.php/jsinbis/article/view/11239} }
Refworks Citation Data :
The importance of information and the possible risk of disruption, therefore the universities need to designed and implemented of the information security. One of the standards that can be used to analyze the level of information security in the organization is ISO/IEC 27001 : 2013 and this standard has been prepared to provide requirements for establishing, implementing, maintaining and continually improving an information security management system. The objective of this research is to measure the level of information security based on standard ISO/IEC 27001: 2013 and modeling systems for information security management. This research uses descriptive qualitative approach, data collection and validation techniques with tringulasi (interview, observation and documentation). Data was analyzed using gap analysis and to measure the level of maturity this research uses SSE-CMM (Systems Security Engineering Capability Maturity Model). Based on the research results, Maturity level clause Information Security Policy reaches level 1 (Performed-Informally), clause Asset Management reaches level 3 (Well-Defined), clause Access Control reaches level 3 (Well-Defined), clause Physical and Environmental Security reaches level 3 (Well-Defined), clause Operational Security reaches level 3 (Well-Defined), Communication Security clause reaches the level 2 (Planned and Tracked). Based on the results of maturity level discovery of some weakness in asset management in implementing the policy. Therefore, the modeling system using the flow map and CD / DFD focused on Asset Management System.
Article Metrics:
Last update:
Last update: 2024-11-14 19:06:35
Authors who submit the manuscripts to Journal JSINBIS must understand and agree that if the manuscript is accepted for publication, the copyright of the article belongs to JSINBIS and Diponegoro University as the journal publisher.
Copyright includes the exclusive right to reproduce and provide articles in all forms and media, including reprints, photographs, microfilm and any other similar reproductions, as well as translations. The author reserves the rights to the following:
JSINBIS and Diponegoro University and the Editors make every effort to ensure that no false or misleading data, opinions or statements are published in this journal. The content of articles published in JSINBIS is the sole and exclusive responsibility of the respective authors.
Copyright transfer agreement can be found here: [Copyright transfer agreement in doc] and [Copyright transfer agreement in pdf].
JSINBIS (Jurnal Sistem Informasi Bisnis) is published by the Magister of Information Systems, Post Graduate School Diponegoro University. It has e-ISSN: 2502-2377 dan p-ISSN: 2088-3587 . This is a National Journal accredited SINTA 2 by RISTEK DIKTI No. 48a/KPT/2017.
Journal JSINBIS which can be accessed online by http://ejournal.undip.ac.id/index.php/jsinbis is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.
View My Stats
