
Penilaian Risiko Sistem Informasi Fakultas Teknik Universitas Diponegoro Menggunakan Metode Failure Mode Effect And Analysis Berbasis Framework ISO 27001

Risk Assessment of Information System of Faculty of Engineering University Diponegoro Using Failure Mode Effect and Analysis Method based on Framework ISO 27001

*Naniek Utami Handayani  -  Department of Industrial Engineering, Faculty of Engineering, Diponegoro University, Indonesia
Mochammad Agung Wibowo  -  Department of Civil Engineering, Faculty of Engineering, Diponegoro University, Indonesia
Diana Puspita Sari  -  Department of Industrial Engineering, Faculty of Engineering, Diponegoro University, Indonesia
Yoga Satria  -  Department of Industrial Engineering, Faculty of Engineering, Diponegoro University, Indonesia
Akbar Romadhona Gifari  -  Department of Industrial Engineering, Faculty of Engineering, Diponegoro University, Indonesia
Open Access Copyright (c) 2019 Teknik

Abstract

Past incidents of data leakage and misuse of information by unauthorized parties require that the security of the information system of the Faculty of Engineering, Diponegoro University (SIFT UNDIP) be improved. This research aims to identify the risks, analyze the management of information system security, and determine risk priorities in SIFT UNDIP. The research was conducted using the Failure Mode Effect and Analysis method based on the ISO 27001 framework. The analysis shows that there are 25 risk agents in SIFT UNDIP, categorized into four types of assets. The highest risk in the High Level Risk category is the risk of dependence on employees, which has a Risk Priority Number value of 80.

Keywords: Information System; Risk assessment; ISO 27001 Framework; risk agent; FMEA; RPN

