Audit Keamanan Sistem Informasi Di  Dinas Xyz Provinsi Lampung Menggunakan Standar Iso/Iec 27001:2013

Meyliana, Annisa; Tristiyanto, Tristiyanto; Prabowo, Rizky

doi:10.23960/pepadun.v1i1.16

Cited by 2 publications

(4 citation statements)

References 1 publication

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Penelitian tersebut meneliti tentang sistem manajemen kualiatas dan tata kelola teknologi informasi. Selanjutnya Maulana [8], melakukan analisis menggunakan framework COBIT 5 dan ISO/IEC 27001 dan menunjukkan bahwa rata-rata performa dari 7 klausul sebesar 1.42 berada pada kategori Performed Informally. Penelitian tersebut menghasilkan rekomendasi berupa peraturan terhadap pemeliharaan peralatan, pencadangan informasi dan utilitas pendukung.…”

Section: Tinjauan Literaturunclassified

Analysis IT Governance of Perumdam Tirta Siak using COBIT 2019 and ISO27001

Sari,

Andriyani,

et al. 2024

SISTEMASI

View full text Add to dashboard Cite

Perumdam Tirta Siak Pekanbaru (PDAM) merupakan perusahaan pemerintah daerah yang bertanggung jawab atas pengelolaan dan pemenuhan kebutuhan air bersih. PDAM saat ini telah menggunakan teknologi informasi untuk memberikan pelayanan prima bagi pelanggan. Institute of Directors Report menerangkan bahwa perusahaan memiliki tata kelola teknologi informasi yang baik jika menekankan pada manajemen risiko dan manajemen sumberdaya, pemenuhan nilai dan penyelarasan strategis. Tingkat kapabilitas TI dalam mendukung kinerja perusahaan dapat diketahui melalui kegiatan evaluasi terhadap implementasi TI yang digunakan saat ini. Evaluasi penting dilakukan untuk mengetahui tingkat kapabilitas TI dalam mendukung kinerja perusahaan sesuai dengan tujuan. Dengan demikian, penelitian yang disajikan menekankan pada evaluasi tata kelola teknologi informasi melalui proses analisis menggunakan kerangka kerja COBIT 2019 dan standar ISO/IEC 27001 dengan objektif proses APO14 -Managed Data dan BAI06 -Managed IT Changes. Hasil penelitian menujukkan bahwa tingkat kapabilitas implementasi TI saat ini pada objektif APO14 -Managed Data dan BAI06 -Managed IT Changes berada pada level 2 yaitu proses telah berjalan akan tetapi masih terdapat sejumlah aktivitas yang belum dilakukan dengan baik. Terdapat kesenjangan antara level kapabilitas saat ini dengan level kapabilitas yang diinginkan sebesar 1 level (APO14) dan 2 level (BAI06). Dengan demikian, diusulkan 15 rekomendasi perbaikan yang mengacu pada standar ISO/IEC 27001 untuk merealisasikan tata kelola TI yang efektif, efisien dan selaras dengan tujuan perusahaan.

show abstract

Section: Tinjauan Literaturunclassified

Analysis IT Governance of Perumdam Tirta Siak using COBIT 2019 and ISO27001

Sari,

Andriyani,

et al. 2024

SISTEMASI

View full text Add to dashboard Cite

show abstract

“…The assessment in this research uses maturity levels from level 0, namely "None," to level 5, namely "Optimized." The depiction of the results of data analysis using maturity levels for the answers to this questionnaire can be said to be good enough to be sufficient to draw appropriate conclusions and suggestions; this research was conducted at a relatively large company, namely, one of the private banks located in Indonesia [11].…”

Section: IImentioning

confidence: 99%

“…Another study contains information system security audits at the xyz service in Lampung province using the ISO/IEC 27001:2013 standard. This study [11] aims to audit LAZNAS YDSF services using the 13 clauses proposed by ISO 27001. This research also carries out a Strength, Weakness, Opportunity, Threat (SWOT) analysis, which aims to find out more deeply about the systematic factors in company/related services. The assessment of the results of respondents in this study used a maturity level on a scale of 0-5.…”

Section: IImentioning

confidence: 99%

“…The assessment of the results of respondents in this study used a maturity level on a scale of 0-5. The assessment of this company/department results in some aspects having weaknesses, and some aspects having more strengths; therefore, at the end of this journal, the author provides recommendations for aspects that are felt less than expectations, namely a scale of 5 [11].…”

Section: IImentioning

confidence: 99%

See 1 more Smart Citation

Information Technology Security Audit at the YDSF National Zakat Institution Using the ISO 27001 Framework

Kamal,

Muhamad,

Sudianto

et al. 2024

SISFOKOM

View full text Add to dashboard Cite

In this era of cyber crimes, data security is an important aspect that needs special attention from an organization. This is reinforced by the ratification of Law Number 27 of 2022 on personal data security. The National Zakat Amil Institute (LAZNAS) Yayasan Dana Sosial al Falah (YDSF) as an institution with a legal entity and having data on more than 100,000 donors and partners, it also has an obligation to protect the personal data of donors and partners. The focus of this research is to evaluate and audit information technology at the LAZNAS YDSF, especially regarding the security aspect of information technology. Evaluations and audits were carried out using the ISO 27001 framework as a standardization of information technology security at the international level. In this study, information technology audits were conducted using quantitative methods. The assessment was carried out on seven main clauses that are priorities for the LAZNAS YDSF based on management priorities: compliance clauses, risk management, policies, assets, physical and environmental management, access control, and incident management. Data were collected using a questionnaire distributed to all the LAZNAS YDSF managers and employees. Fifty-five respondents, ranging from management to staff, were involved in filling out the questionnaire, ranging from management to staff. Based on the recapitulation of answers from respondents, it was found that the risk management and access control clauses had good results, with scores of 2,727 and 2,796. The compliance and incident management clauses have scores of 2.381 and 2.53, respectively; therefore, improvement efforts need to be made. By evaluating and auditing information technology that refers to the ISO 27001 standard, it is hoped that LAZNAS YDSF can protect and maintain the confidentiality, integrity, and availability of information, and manage and control information security risks.

show abstract

Audit Keamanan Sistem Informasi Di Dinas Xyz Provinsi Lampung Menggunakan Standar Iso/Iec 27001:2013

Cited by 2 publications

References 1 publication

Analysis IT Governance of Perumdam Tirta Siak using COBIT 2019 and ISO27001

Analysis IT Governance of Perumdam Tirta Siak using COBIT 2019 and ISO27001

Information Technology Security Audit at the YDSF National Zakat Institution Using the ISO 27001 Framework

Contact Info

Product

Resources

About