skip to main content

Evaluasi Keamanan Sistem Informasi Menggunakan Fuzzy FMEA Berbasis Framework ISO/IEC 27001:2013 untuk Meningkatkan Keamanan Informasi

*Aris Kusnandar  -  Magister Sistem Informasi, Sekolah Pascasarjana, Universitas Diponegoro, Semarang, Indonesia
Open Access Copyright (c) 2024 JSINBIS (Jurnal Sistem Informasi Bisnis)

Citation Format:
Abstract

Very few organizations are not aware of the importance of information security, even though information security is important to the running of an organization. Dinas Kependudukan XYZ faces a number of information security threats from various sources. Every security threat such as information theft, fraud, vandalism, and computer hacking will affect the organization. This research uses the ISO/IEC 27001:2013 framework as a method for. analyze risks. The risk value calculation uses the FMEA method which is integrated with the fuzzy method to determine the risk level of information security threats based on ISO/IEC 27001:2013. The research results are in the form of a risk processing report containing a list of risk priorities and control plans according to the ISO/IEC 27001:2013 standard. The information security risk priorities obtained in this research were 13 very high priority and 10 high priority. This proves that the organization has not complied with standard security/information procedures so it needs to document security policies based on ISO/IEC 27001:2013 to provide a sense of security and increase trust in the public.

Fulltext View|Download
Keywords: FMEA; Fuzzy; ISO 27001; Keamanan Informasi

Article Metrics:

  1. Achmadi, D., Suryanto, Y., Ramli, K., 2018. On Developing Information Security Management System (ISMS) Framework for ISO 27001-Based Data Center. 2018 International Workshop on Big Data and Information Security (IWBIS). https://doi.org/10.1109/IWBIS.2018.8471700
  2. Ardyansyah, H.R., Handayani, N.U., 2023. Analisis Pengendalian Kualitas Produk Kain Grey PS 946 dalam Upaya Mengurangi Tingkat Kecacatan Produk Menggunakan Metode Failure Mode and Effect Analysis (FMEA) dan Pendekatan Kaizen (Studi Kasus Pt. Primissima). Industrial Engineering Online Journal, 12(3)
  3. Balaraju, J., Raj, M.G., Murthy, C.S., 2019. Fuzzy-Fmea Risk Evaluation Approach For LHD Machine-A Case Study. Journal of Sustainable Mining, 18(4), 257-268. https://doi.org/10.1016/j.jsm.2019.08.002
  4. Calache, L.D.D.R., Zanon, L.G., Arantes, R.F.M, Osiro, L., Carpinetti, L.C.R., 2021. Risk Prioritization Based on the Combination of Fmea and Dual Hesitant Fuzzy Sets Method. Production, 31, 1–16. https://doi.org/10.1590/0103-6513.20200081
  5. Carvalho, C., Marques, E., 2019. Adapting Iso 27001 To A Public Institution. 2019 14th Iberian Conference on Information Systems and Technologies (CISTI). https://doi.org/10.23919/CISTI.2019.8760870
  6. Culot, G., Nassimbeni, G., Podrecca, M., Sartor, M., 2021. The ISO/IEC 27001 Information Security Management Standard: Literature Review and Theory-Based Research Agenda. TQM Journal, 33(7), 76-105. https://doi.org/10.1108/TQM-09-2020-0202
  7. Desy, I., Hidayanto, B.C., Astuti, H.M., 2014. Penilaian Risiko Keamanan Informasi Menggunakan Metode Failure Mode and Effects Analysis di Divisi TI Pt . Bank XYZ Surabaya. Seminar Nasional Sistem Informasi Indonesia (Sesindo), 2014, 467-472
  8. Fathurohman, A., Witjaksono, R.W., 2020. Analysis and Design of Information Security Management System Based on ISO 27001: 2013 Using Annex Control (Case Study: District of Government of Bandung City). Computer Science and Electrical Engineering, 1(1), 1-11. https://doi.org/10.25008/bcsee.v1i1.2
  9. Filz, M.A., Langner, J.E.B., Herrmann, C., Thiede, S., 2021. Data-Driven Failure Mode and Effect Analysis (FMEA) to Enhance Maintenance Planning. Computers In Industry, 129. 103451. https://doi.org/10.1016/j.compind.2021.103451
  10. Handayani, N.U., Wibowo, M.A., Sari, D.P., Satria, Y., Gifari, A.R., 2018. Penilaian Risiko Sistem Informasi Fakultas Teknik Universitas Diponegoro Menggunakan Metode Failure Mode Effect and Analysis Berbasis Framework Iso 27001. Teknik, 39(2), 78-85. https://doi.org/10.14710/teknik.v39i2.15918
  11. Kamil, Y., Lund, S., Islam, M.S., 2023. Information Security Objectives and the output legitimacy of ISO/IEC 27001: stakeholders’ perspective on expectations in private organizations in Sweden. Inf Syst E-Bus Manage, 21, 699-722. https://doi.org/10.1007/s10257-023-00646-y
  12. Kang, D., Shao, Y., Yin, X., Xiao, J., Rao, T., Shen, B., Chen, H., Zhu, Z., Wang, G., Liang, Y., 2017. Bioanalytical Assay Development and Validation for Simultaneous Quantification of Five Schisandra Lignans in Rat Primary Hepatocytes Based on Lc-Ms/Ms: Application to a Real-Time Uptake Study for Schisandra Lignan Extract. Biomedical Chromatography, 31(2). https://doi.org/10.1002/bmc.3797
  13. Mirtsch, M., Kinne, J., Blind, K., 2021. Exploring The Adoption of The International Information Security Management System Standard ISO/IEC 27001: a Web Mining-Based Analysis. IEEE Transactions on Engineering Management, 68(1), 87-100. https://doi.org/10.1109/TEM.2020.2977815
  14. Musyarofah, S.R., Bisma, R., 2021. Analisis Kesenjangan Sistem Manajemen Keamanan Informasi (SMKI) Sebagai Persiapan Sertifikasi ISO/IEC 27001:2013 pada Institusi Pemerintah. Teknologi: Jurnal Ilmiah Sistem Informasi 11(1), 1-15. https://doi.org/10.26594/teknologi.v11i1.2152
  15. Nuchpho, P., Nansaarng, S., Pongpullponsak, A., 2019. Modified Fuzzy FMEA Application in the Reduction of Defective Poultry Products. Engineering Journal. 23(1), 171–90. https://doi.org/10.4186/ej.2019.23.1.171
  16. Nugraha, B.A., Perdanakusuma, A.R., Rachmadi, A., 2020. Analisa Manajemen Risiko Pada Sistem Informasi Tata Naskah Dinas Elektronik dengan Kerangka Kerja NIST 800-30 pada Dinas Komunikasi dan Informatika Provinsi Jawa Timur. JPTIIK, 4(1):223-231
  17. Nurkertamanda, D., Wulandari, F.T., 2019. Analisa Moda dan Efek Kegagalan (Failure Mode and Effect Analysis/FMEA) pada Produk Kursi Lipat Chitose Yamamoto Haa. J@Ti Undip: Jurnal Teknik Industri, 4(1), 49-64. https://doi.org/10.12777/jati.4.1.49-64
  18. Nurul, S., Anggrainy, S., Aprelyani, S., 2022. Faktor-Faktor yang Mempengaruhi Keamanan Sistem Informasi: Keamanan Informasi, Teknologi Informasi dan Network (Literature Review SIM). Jurnal Ekonomi Manajemen Sistem Informasi (JEMSI), 3(5), 564-573. https://doi.org/10.38035/jemsi.v3i5.992
  19. Podrecca, M., Sartor, M., 2023. Forecasting the Diffusion of ISO/IEC 27001: a Grey Model Approach. Tqm Journal, 35(9), 123-151. http://dx.doi.org/10.1108/TQM-07-2022-0220
  20. Sulistyowati, I., Ginardi, R.V.H., 2019. Information Security Risk Management with Octave Method and ISO/EIC 27001: 2013 (Case Study: Airlangga University). Iptek Journal of Proceedings Series, 1. http://dx.doi.org/10.12962/j23546026.y2019i1.5103
  21. Suwarsono, L.W., Aisha, A.N., Nugraha, F.N., 2022. The Role of E-Learning Readiness on Workload: Perspective Engineering and Non-Engineering Students. International Journal of Innovation in Enterprise System, 6(1), 85-94. https://doi.org/10.25124/ijies.v6i01.165
  22. Syreyshchikova, N.V., Pimenov, D.Y., Mikolajczyk, T., Moldovan, L., 2019. Information Safety Process Development According To ISO 27001 for an Industrial Enterprise. Procedia Manufacturing, 32, 278-285. https://doi.org/10.1016/j.promfg.2019.02.215
  23. Yaqin, R.I., Zamri, Siahaan, J.P., Priharanto, Y.E., Alirejo, M.S., Umar, M.L., 2020. Pendekatan FMEA dalam Analisa Risiko Perawatan Sistem Bahan Bakar Mesin Induk: Studi Kasus di KM. Sidomulyo. Jurnal Rekayasa Sistem Industri, 9(3), 189-200. https://doi.org/10.26593/jrsi.v9i3.4075.189-200
  24. Yoseviano, H.F., Retnowardhani, A., 2018. The Use Of ISO/IEC 27001: 2009 To Analyze The Risk And Security Of Information System Assets: Case Study In XYZ, Ltd. 2018 International Conference on Information Management and Technology (ICIMTech), 21-26. https://doi.org/10.1109/ICIMTech.2018.8528096
  25. Yusnanto, T., Mustofa, K., Mahmudi, M.A., Wahyudiono, S., 2021. Fenomena Keamanan Informasi Pasca Era Revolusi Industri 5.0. Jurnal Transformasi, 17(2), 24-35

Last update:

No citation recorded.

Last update: 2024-07-20 13:42:15

No citation recorded.