INTEGRASI FRAMEWORK DALAM MENYUSUNAN PROSEDUR PENGELOLAAN KEAMANAN INFORMASI
Abstract
Improving the quality of services today is played by the adoption of ICT in various scopes, so that the aspect that emerges is the issue of information security in the administration of governance. This study aims to develop information security management guidelines with the integration of 3 frameworks which include COBIT 5, ITIL V3 and ISO/IEC 27001:2013. The object of research is the Jombang District Communication and Information Service. There are 3 stages of research, namely the preparation of guidelines, verification, validation and improvement. The results of the first stage were obtained from each framework starting from COBIT 5 using APO13 with 10 activities, ITIL V3 service design sub domain Information Security Management with 7 activities, and ISO/IEC 27001:2013 clause A.11 15 activities. COBIT sub domain 5 APO13.01 mapped with 9 clauses ISO/IEC 27001:2013 and 3 activities ITIL, APO13.02 mapped with 4 clauses ISO/IEC 27001:2013 and 1 activity ITIL, APO13.03 mapped with 2 clauses ISO/IEC 27001:2013 and 3 ITIL activities. The results of the verification showed that 66.7% of the interviewees rated the guidelines in language and terms as being quite clear, easy to understand and implement. Meanwhile, 100% of the interviewees considered that the division of roles was appropriate and able to answer agency needs. The results of the guideline expert judgment validation were declared valid.
Keywords
Full Text:
PDF (Bahasa Indonesia)References
Afrianto, I., Suryana, T., & Sufa’atin. (2014). Pengukuran Keamanan Informasi pada Aplikasi dan Sistem Informasi Pendukung Akademik Menggunakan SNI ISO/IEC 27001:2009 (p. 7). Unikom.
Akraman, R., & Priyadi, Y. (2018). Pengukuran Kesadaran Keamanan Informasi dan Privasi Pada Pengguna Smartphone Android di Indonesia. 02, 115–122.
Andry, J. F., Lee, F. S., Darma, W., Rosadi, P., & Ekklesia, R. (2022).
Audit Sistem Informasi Menggunakan Cobit 5 Pada Perusahaan Penyedia Layanan Internet. Jurnal Ilmiah Rekayasa Dan Manajemen Sistem Informasi, 8(1), 17. https://doi.org/10.24014/rmsi.v8i1.14761
Bakri, M., & Irmayana, N. (2017). Analisis Dan Penerapan Sistem Manajemen Keamanan Informasi Simhp Bpkp Menggunakan Standar Iso 27001. Jurnal Tekno Kompak, 11(2), 41. https://doi.org/10.33365/jtk.v11i2.162
Ernawati, L., & Santoso, H. B. (2016). Tata Kelola Teknologi Informasi Di Lingkungan Perguruan Tinggi: Hambatan, Tantangan, Dan Peluang. Seminar Nasional APTIKOM (SEMNASTIKOM), 2(1), 806–811.
Fdis, I. E. C. (2013). INTERNATIONAL STANDARD ISO / IEC 27001:2013 Information technology — Security techniques — Information security management systems — Requirements. 2013.
Handoko, Y. (2017). Pemanfaatan ITIL v3 untuk Mengatasi Masalah Layanan TI pada Sistem Terintegrasi di Perguruan Tinggi Using ITIL v3 to Solve IT Service Problem in Integration System at Universities. Prosiding SAINTIKS FTIK UNIKOM, 2.
Lenawati, M., Winarno, W. W., & Amborowati, A. (2017). Tata Kelola Keamanan Informasi pada PDAM Menggunakan ISO/IEC 27001:2013 dan COBIT 5. Sentra Penelitian Engineering Dan Edukasi, 9(1), 44–49. http://speed.web.id/jurnal/index.php/speed/article/view/220
Milkovich, A. (2012). A Business Framework for the Governance and Management of Enterprise IT.
Moonda, P. A., & Norita, B. (2020). Audit Tata Kelola Teknologi Informasi Menggunakan Framework Cobit 5 (Studi Kasus : PT. Jamkrida Provinsi Jawa Tengah). Jurnal Masyarakat Informatika, 11(1), 1–21. https://doi.org/10.14710/jmasif.11.1.31449
Noviarti, & Yosi Stefhani. (2022). Analisis Tata Kelola Perusahaan, Dan Nilai Perusahaan. Jurnal Manajemen, 6(2), 73–82. https://doi.org/10.54964/manajemen.v6i2.205
Nurul, S., Anggrainy, S., & Aprelyani, S. (2022). Faktor-Faktor Yang Mempengaruhi Keamanan Sistem Informasi : Keamanan Informasi , Teknologi Informasi Dan Network ( Literature Review Sim ). Jurnal Ekonomi Manajemen Sistem Informasi (Jemsi), Vol. 3(No. 5), 564–573.
Pratama, E. R., & Perdana kusuma, A. R. (2018). Evaluasi Tata Kelola Sistem Keamanan Teknologi Informasi Menggunakan Indeks KAMI dan ISO 27001. 2(11), 5911–5920.
Pratiwi, W. A. (2019). Perencanaan Sistem Manajemen Keamanan Informasi Berdasarkan Standar ISO 27001:2013 pada Kominfo Provinsi Jawa Timur. 1–168. https://repository.dinamika.ac.id/id/eprint/3310/1/14410100156-2019-STIKOMSURABAYA.pdf
Pribadi, M. R. (2013). Penerapan Tata Kelola Teknologi Informasi Dengan Menggunakan Cobit Framework 4.1 (Studi Kasus Pada Pt. Vaksincom). Jurnal Eksplora Informatika, 1(November), 115–124. http://digilib.esaunggul.ac.id/UEU-Undergraduate-200883091/408
Sulaiman Naibaho, R. (2017). PERANAN DAN PERENCANAAN TEKNOLOGI INFORMASI DALAM PERUSAHAAN. April. https://media.neliti.com/media/publications/290731-peranan-dan-perencanaan-teknologi-inform-ad00d595.pdf
Tambotoh, J. J., Augie David Manuputty, M., & Kristen Satya Wacana Salatiga, U. (2015). Pengukuran Tingkat Kapabilitas Tata kelola TI Menggunakan Kerangka kerja COBIT 5 (Studi Kasus: PT. PDA. Net Kota Cirebon) Artikel Ilmiah Peneliti: Rininta Ayunigdiah (682011607). 5.
Taylor, S., Lloyd, V., & Rudd, C. (n.d.). ITIL Version 3 Service Design. OGC.
Wibowo, A. M. (n.d.). Service Design IT Infrastructure Library Versi 3.
Widya, D. R. (2016). PENGARUH FAKTOR PENDIDIKAN, PELATIHAN DAN PENGUASAAN KOMPUTER STAF BAGIAN KEUANGAN TERHADAP KUALITAS PENYAJIAN INFORMASI AKUNTANSI. In http://repository.unpas.ac.id/.
DOI: https://doi.org/10.17509/manajerial.v22i2.59606
Refbacks
- There are currently no refbacks.
Copyright (c) 2023 Universitas Pendidikan Indonesia (UPI)
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.
Jurnal Manajerial is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.
View My Stats