Analisis Sistem Manajemen Keamanan Informasi Menggunakan Sni Iso/Iec 27001:2013 Pada Pemerintahan Daerah Kota Sukabumi(Studi Kasus: Di Diskominfo Kota Sukabumi)

Authors

  • Winda Apriandari
  • Ashwin Sasongko

DOI:

https://doi.org/10.37150/jsa.v8i1.391

Keywords:

Information Security Management System, ISMS Analysis, SNI ISO/IEC 27001:2013, SNI ISO/IEC 31000:2009

Abstract

DISKOMINFO (Communication and Information Service ) of Sukabumi is a government
institution that has responsibility for the management of Information and Communication
Technology in Local Government (PEMDA) Sukabumi. Sukabumi Information Technology
managed by Head of Infrastructure of ICT, Encryption and Data Integration. From the results of
interviews and observation , DISKOMINFO has problems on managing data securit, is because
lack of Human Resources, lack of awareness and responsibility and implementation of poor
information security that cause incidents or hacking of information security, especially in
Sukabumi City Information System. this causes disruption of the process of public service and
business in DISKOMINFO.The Information Security Management System (ISMS) is a management
system implemented by organizations, especially governments organitations, to secure information
assets against threats that exist within the scope of DISKOMINFO. The process carried out using
the PDCA cycle approach among the Plan Do Check Act. The ISMS handle infomation aspects
such as confidentiality, integrity, and availability information.The ISMS analysis uses SNI ISO /
IEC 27001: 2013 and SNI ISO / IEC 31000: 2009 risk management base. The ISMS analysis
purpose to identify risk profiles by identifying assets, threats, and vulnerabilities as well as
evaluating and controlling disruptions. ISMS produce security information manual, information
security procedure, work instruction and information security form.

Downloads

Published

2018-06-29

Issue

Section

Articles
Abstract viewed = 1118 times