Analisis Sistem Manajemen Keamanan Informasi Menggunakan Sni Iso/Iec 27001:2013 Pada Pemerintahan Daerah Kota Sukabumi(Studi Kasus: Di Diskominfo Kota Sukabumi)
(STUDI KASUS: DI DISKOMINFO KOTA SUKABUMI)
Keywords:Information Security Management System, ISMS Analysis, SNI ISO/IEC 27001:2013, SNI ISO/IEC 31000:2009
DISKOMINFO (Communication and Information Service ) of Sukabumi is a government
institution that has responsibility for the management of Information and Communication
Technology in Local Government (PEMDA) Sukabumi. Sukabumi Information Technology
managed by Head of Infrastructure of ICT, Encryption and Data Integration. From the results of
interviews and observation , DISKOMINFO has problems on managing data securit, is because
lack of Human Resources, lack of awareness and responsibility and implementation of poor
information security that cause incidents or hacking of information security, especially in
Sukabumi City Information System. this causes disruption of the process of public service and
business in DISKOMINFO.The Information Security Management System (ISMS) is a management
system implemented by organizations, especially governments organitations, to secure information
assets against threats that exist within the scope of DISKOMINFO. The process carried out using
the PDCA cycle approach among the Plan Do Check Act. The ISMS handle infomation aspects
such as confidentiality, integrity, and availability information.The ISMS analysis uses SNI ISO /
IEC 27001: 2013 and SNI ISO / IEC 31000: 2009 risk management base. The ISMS analysis
purpose to identify risk profiles by identifying assets, threats, and vulnerabilities as well as
evaluating and controlling disruptions. ISMS produce security information manual, information
security procedure, work instruction and information security form.
Authors who publish articles in SANTIKA Journal is a scientific journal agree to the following terms:
- Authors retain copyright of the article and grant the journal right of first publication with the work simultaneously licensed under a CC-BY-SA or The Creative Commons Attributionâ€“ShareAlike License.
- Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgment of its initial publication in this journal.
- Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (See The Effect of Open Access).