BibTex Citation Data :
@article{JSINBIS11239, author = {Yuni Yuze and Yudi Priyadi and Candiwan Candiwan}, title = {Analisis Sistem Manajemen Keamanan Informasi Menggunakan ISO/IEC 27001 : 2013 Serta Rekomendasi Model Sistem Menggunakan Data Flow Diagram pada Direktorat Sistem Informasi Perguruan Tinggi}, journal = {JSINBIS (Jurnal Sistem Informasi Bisnis)}, volume = {6}, number = {1}, year = {2016}, keywords = {Analysis Information Security; ISO/IEC 27001 : 2013; Maturity Level; SSE-CMM; CD/DFD}, abstract = { The importance of information and the possible risk of disruption, therefore the universities need to designed and implemented of the information security. One of the standards that can be used to analyze the level of information security in the organization is ISO/IEC 27001 : 2013 and this standard has been prepared to provide requirements for establishing, implementing, maintaining and continually improving an information security management system. The objective of this research is to measure the level of information security based on standard ISO/IEC 27001: 2013 and modeling systems for information security management. This research uses descriptive qualitative approach, data collection and validation techniques with tringulasi (interview, observation and documentation). Data was analyzed using gap analysis and to measure the level of maturity this research uses SSE-CMM (Systems Security Engineering Capability Maturity Model). Based on the research results, Maturity level clause Information Security Policy reaches level 1 (Performed-Informally), clause Asset Management reaches level 3 (Well-Defined), clause Access Control reaches level 3 (Well-Defined), clause Physical and Environmental Security reaches level 3 (Well-Defined), clause Operational Security reaches level 3 (Well-Defined), Communication Security clause reaches the level 2 (Planned and Tracked). Based on the results of maturity level discovery of some weakness in asset management in implementing the policy. Therefore, the modeling system using the flow map and CD / DFD focused on Asset Management System. }, issn = {2502-2377}, pages = {38--45} doi = {10.21456/vol6iss1pp38-45}, url = {https://ejournal.undip.ac.id/index.php/jsinbis/article/view/11239} }
Refworks Citation Data :
The importance of information and the possible risk of disruption, therefore the universities need to designed and implemented of the information security. One of the standards that can be used to analyze the level of information security in the organization is ISO/IEC 27001 : 2013 and this standard has been prepared to provide requirements for establishing, implementing, maintaining and continually improving an information security management system. The objective of this research is to measure the level of information security based on standard ISO/IEC 27001: 2013 and modeling systems for information security management. This research uses descriptive qualitative approach, data collection and validation techniques with tringulasi (interview, observation and documentation). Data was analyzed using gap analysis and to measure the level of maturity this research uses SSE-CMM (Systems Security Engineering Capability Maturity Model). Based on the research results, Maturity level clause Information Security Policy reaches level 1 (Performed-Informally), clause Asset Management reaches level 3 (Well-Defined), clause Access Control reaches level 3 (Well-Defined), clause Physical and Environmental Security reaches level 3 (Well-Defined), clause Operational Security reaches level 3 (Well-Defined), Communication Security clause reaches the level 2 (Planned and Tracked). Based on the results of maturity level discovery of some weakness in asset management in implementing the policy. Therefore, the modeling system using the flow map and CD / DFD focused on Asset Management System.
Article Metrics:
Last update:
Penulis yang mengirimkan naskah harus memahami dan menyetujui bahwa jika diterima untuk dipublikasikan, hak cipta dari artikel adalah milik JSINBIS dan Universitas Diponegoro sebagai penerbit jurnal.Hak cipta (copyright) meliputi hak eksklusif untuk mereproduksi dan memberikan artikel dalam semua bentuk dan media, termasuk cetak ulang, foto, mikrofilm dan setiap reproduksi lain yang sejenis, serta terjemahan. Penulis mempunyai hak untuk hal-hal berikut:
JSINBIS dan Universitas Diponegoro serta Editor melakukan segala upaya untuk memastikan bahwa tidak ada data, pendapat atau pernyataan yang salah atau menyesatkan yang dipublikasikan di jurnal ini. Isi artikel yang diterbitkan di JSINBIS adalah tanggung jawab tunggal dan eksklusif dari masing-masing penulis.
View My Stats This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.