scholarly journals An Analysis of Physical and Environmental Security in Communication and Information Department Mojokerto

2021 ◽  
Vol 328 ◽  
pp. 04012
Author(s):  
Eristya Maya Safitri ◽  
Ramadhani Aditya ◽  
Doddy Ridwandono ◽  
Satria Yudha Kartika Dhian
Keyword(s):  
Natural Disasters ◽  
Ad Hoc ◽  
Security Management ◽  
Environmental Safety ◽  
Environmental Security ◽  
Maturity Level ◽  
External Threats ◽  
Maximum Value ◽  
Security Control ◽  
Level 1

This study aims to provide an overview to the Communication and Information Department Mojokerto regarding the maturity level of physical and environmental security management at the agency, as well as to provide future recommendations. The results of research related to physical and environmental safety using the ISO 27002 standard, indicate that the level of physical and environmental security at the Communication and Information Department Mojokerto is still relatively low. Things that are still lacking include the lack of protection from external threats such as natural disasters, as well as the lack of care and maintenance of infrastructure. The maturity level of physical and environmental security control is 0.85 which is still at level 1 or Initial Ad Hoc from a maximum value of 5, which is at the Optimized level. It can be concluded that Communication and Information Department Mojokerto only knows that there are things that need attention but there is no standardization of the process. With this research, it is hoped that the Communication and Information Department Mojokerto can make improvements to improve physical and environmental security. In addition, it is also a consideration to obtain ISMS Certification with the ISO 27002 standard in the future.

scholarly journals AUDIT TATA KELOLA TEKNOLOGI INFORMASI DENGAN MENGGUNAKAN COBIT DAN VAL IT FRAMEWORK (STUDI KASUS : PT. PRIMASENTA RESOURCES INDONESIA)

2018 ◽  
Vol 4 (1) ◽  
pp. 1-11
Author(s):  
Andika Bayu Hasta Yanto ◽  
Ahmad Fauzi ◽  
Rifky Permana ◽  
Ricki Sastra
Keyword(s):  
Ad Hoc ◽  
Maturity Level ◽  
Level 3 ◽  
Level 1 ◽  
Level 2

Sehubungan dengan tata kelola TI, perludigunakan suatu standar yang baik untuk melihatpengelolaan TI yang ada. COBIT (ControlObjectives for Information and RelatedTechnology) sebagai salah satu alat dalampengukuran tata kelola TI dapat digunakan untukmelihat tata kelola TI yang ada. Domain Plan andOrganise (PO) dan Aquire and Implement(AI) sangat tepat dilaksanakan pada saat ini,karena organisasi yang sedang membentukstruktur dan bentuk baru. Tingkat kematangan(maturity level) yang ada pada setiap proses TI yangterdapat dalam domain Plan and Organise (PO) danAquire and Implement (AI) pada PT. PrimasentaResources Indonesia rata -rata pada tingkat 1,753dan masih berada pada level 1 (initial/ad-hoc),walaupun ada 3 (tiga) proses TI yang sudahberada di level 2 (repeatable but intuitive). Untukdapat mencapai tingkat kematangan yangdidinginkan (expected maturity level) di level 3(defined process) maka semua prosedur yangdisyaratkan di tiap proses harus dipenuhi. Untukmencapai level 3 (defined process), mengacu padastandarisasi COBIT maka setiap organisasi harusmemiliki mekanisme dan prosedur yang jelasmengenai tata cara dan manajemen proses investasiteknologi informasi, dan mengkomunikasikan sertamensosialisasikan dengan baik di seluruh jajaranmanajemen organisasi.

scholarly journals PENGUKURAN TINGKAT KEMATANGAN SIMASTER MENGGUNAKAN COBIT 4.1 DI SMA PLUS BBS BOGOR

2019 ◽  
Vol 7 (1) ◽  
pp. 47-58
Author(s):  
Mrs Irmayansyah ◽  
Agustina Rahayu Putri
Keyword(s):  
Ad Hoc ◽  
Maturity Level ◽  
It Performance ◽  
Level 1

SMA Plus BBS mempunyai Sistem Informasi Akademik yang mengatur seluruh kegiatan akademik yaitu Sistem Informasi Manajemen Sekolah Terpadu (SIMASTER). SIMASTER adalah Sistem Informasi Akademik berbasis web, SIMASTER memberikan kemudahan dalam pengelolaan manajemen sekolah. Pada saat ini, SIMASTER diterapkan secara baik, seluruh kegiatan akademik telah dibantu dengan adanya SIMASTER. Proses pengawasan telah dilakukan oleh pengelola SIMASTER. Hal ini perlu dibuktikan melalui proses penilaian pengawasan dan pengelolaan TI. Tujuan penelitian ini adalah untuk mengetahui tingkat kematangan proses pengawasan dan evaluasi SIMASTER SMA Plus BBS. Metode penelitian yang digunakan dalam penelitian ini adalah metode survey yaitu dengan mengambil atau mengumpulkan data melalui kuesioner. Hasil perhitungan dari seluruh sub domain Monitor and Evaluate IT Performance dapat diketahui bahwa tingkat kematangan (maturity level) pada sistem informasi SIMASTER berada pada tingkat 1,34 (satu koma tiga puluh empat) atau berada pada level 1 (Initial / Ad Hoc), artinya manajemen mengakui kebutuhan untuk mengumpulkan dan menilai informasi tentang proses pemantauan. Standar pengumpulan dan penilaian proses belum teridentifikasi. Pemantauan dilaksanakan dan metrik yang dipilih atas dasar kasus per kasus, sesuai dengan kebutuhan proyek IT yang spesifik.

Identifying core control items of information security management and improvement strategies by applying fuzzy DEMATEL

2015 ◽  
Vol 23 (2) ◽  
pp. 161-177 ◽  
Author(s):  
Li-Hsing Ho ◽  
Ming-Tsai Hsu ◽  
Tieh-Min Yen
Keyword(s):  
Information Security ◽  
Security Policy ◽  
Security Management ◽  
Fuzzy Dematel ◽  
Information Security Management ◽  
Content Type ◽  
Cause And Effect ◽  
Information Security Management System ◽  
Security Control ◽  
Improvement Strategies

Purpose – The purpose of this paper is to analyze the cause-and-effect relationship and the mutually influential level among information security control items, as well as to provide organizations with a method for analyzing and making systematic decisions for improvement. Design/methodology/approach – This study utilized the Fuzzy DEMATEL to analyze cause-and-effect relationships and mutual influence of the 11 control items of the International Organization for Standardization (ISO) 27001 Information Security Management System (ISMS), which are discussed by seven experts in Taiwan to identify the core control items for developing the improvement strategies. Findings – The study has found that the three core control items of the ISMS are security policy (SC1), access control (SC7) and human resource security (SC4). This study provides organizations with a direction to develop improvement strategies and effectively manage the ISMS of the organization. Originality/value – The value of this study is for an organization to effectively dedicate resources to core control items, such that other control items are driven toward positive change by analyzing the cause-and-effect relation and the mutual influential level among information security control items, through a cause-and-effect matrix and a systematic diagram.

Penerapan Capability Maturity Model Integration Untuk Mengukur Tingkat Kematangan Organisasi Dalam Proses Pengembangan Perangkat Lunak (Studi Kasus: Direktorat Innovation Center Universitas Amikom Yogyakarta)

Respati ◽  
2020 ◽  
Vol 15 (1) ◽  
pp. 43
Author(s):  
Ita Permatahati ◽  
Wing Wahyu Winarno ◽  
Mei P Kurniawan
Keyword(s):  
Software Development ◽  
Development Process ◽  
Model Integration ◽  
Maturity Model ◽  
Software Development Process ◽  
Maturity Level ◽  
Capability Maturity ◽  
Level 1 ◽  
A Company ◽  
Level 2

INTISARIMenerapkan standarisasi pada suatu perusahaan yang bergerak dibidang pengembangan perangkat lunak merupakan salah satu cara untuk meningkatkan kualitasnya. CMMI merupakan salah satu standarisasi yang penulis pilih untuk mengetahui tingkat kematangan dari divisi Innovation CenterAmikom. CMMI yang digunakan ialah CMMI for Development versi 1.3 yang fokus terhadap tingkat kematangan di level 2 dengan 6 proses area. Penelitian ini mengambil 1 sample proyek di Innovation Center(IC) yaitu apliksai presensi berbasis mobile. Berdasarkan hasil dari pengukuran yang telah dilakukan, proses pengembangan lunak di IC berada di tingkat 1 (Initial) yang diketahui bahwa belum semua praktik yang ada di masing-masing 6 proses area diterapkan. Kata kunci— proses pengembangan perangkat lunak, CMMI, CMMI-DEV, Representasi Bertingkat, Tingkat Kematangan. ABSTRACTApplying standards to a company engaged in the development of devices is one way to improve its quality. CMMI is one of the standards chosen by the author to find out the level of maturity of the Innovation Center at Amikom. CMMI is used for CMMI for Development version 1.3 which focuses on the level of maturity at level 2 with 6 process areas. This study took 1 sample project at the Innovation Center (IC), a mobile-based presence application. Based on the results of the measurements that have been made, the development process at the IC is at level 1 (Initial) related to all the practices that exist in each of the 6 process areas that are applied.Kata kunci—  software development process, CMMI, CMMI-DEV, Leveled Representation, Maturity Level.

scholarly journals Analisis Sistem Manajemen Keamanan Informasi Menggunakan ISO/IEC 27001 : 2013 Serta Rekomendasi Model Sistem Menggunakan Data Flow Diagram pada Direktorat Sistem Informasi Perguruan Tinggi

2016 ◽  
Vol 6 (1) ◽  
pp. 38
Author(s):  
Yuni Cintia Yuze ◽  
Yudi Priyadi ◽  
Candiwan .
Keyword(s):  
Information Security ◽  
Asset Management ◽  
Management System ◽  
Security Management ◽  
Maturity Level ◽  
Information Security Management ◽  
Capability Maturity ◽  
Information Security Management System ◽  
Level 3 ◽  
Iec 27001

The importance of information and the possible risk of disruption, therefore the universities need to designed and implemented of the information security.  One of the standards that can be used to analyze the level of information security in the organization is ISO/IEC 27001 : 2013 and this standard has been prepared to provide requirements for establishing, implementing, maintaining and continually improving an information security management system. The objective of this research is to measure the level of information security based on standard ISO/IEC 27001: 2013 and modeling systems for information security management. This research uses descriptive qualitative approach, data collection and validation techniques with tringulasi (interview, observation and documentation). Data was analyzed using gap analysis and to measure the level of maturity this research uses SSE-CMM (Systems Security Engineering Capability Maturity Model). Based on the research results, Maturity level clause Information Security Policy reaches level 1 (Performed-Informally), clause Asset Management reaches level 3 (Well-Defined), clause Access Control reaches level 3 (Well-Defined), clause Physical and Environmental Security reaches level 3 (Well-Defined), clause Operational Security reaches level 3 (Well-Defined), Communication Security clause reaches the level 2 (Planned and Tracked). Based on the results of maturity level discovery of some weakness in asset management in implementing the policy. Therefore, the modeling system using the flow map and CD / DFD focused on Asset Management System.

scholarly journals Investigating Process Maturity Modeling as an Advertising Process Improvement Paradigm

2019 ◽  
Vol 32 (2) ◽  
pp. 1-26
Author(s):  
Daniel Adrian Doss ◽  
Russ Henley ◽  
Qiuqi Hong ◽  
Trey Pickett
Keyword(s):  
Process Improvement ◽  
Ad Hoc ◽  
Service Marketing ◽  
Maturity Model ◽  
Maturity Level ◽  
Process Maturity ◽  
Capability Maturity ◽  
Product Marketing ◽  
Marketing Firms ◽  
First Maturity

Summary This article examined a variant of the Capability Maturity Model integrated (CMMi) through the lens of advertising process improvement. The population and sample were taken from a national array of U.S. marketing organizations. Using ANOVA, a 0.05 significance level, and a stratification of service marketing organizations versus product marketing organizations, the study showed a statistically significant difference (F(1, 304) = 4.03; p = 0.04; ω2 = 0.00) regarding the hypothesis representing the notion that processes were potentially sporadic, chaotic, and ad hoc. This notion corresponded to the first maturity level of the examined process maturity framework. With respect to the Likert-scale data representing the first maturity level, the successive means analysis showed that both service marketing firms (M = 2.99) and product marketing firms (M = 2.74) reported neutrality regarding whether processes were deemed sporadic, chaotic, and ad hoc. Thus, the respondents perceived no evidence of the first maturity level among the queried work settings. Future studies may examine different stratifications of marketing firms (e.g., for-profit versus non-profit; domestic versus international; and so on) to better explore the proposed advertising maturity model.

scholarly journals IMPLEMENTASI KAJIAN KELAYAKAN FINANSIAL UNTUK MENINGKATKAN TINGKAT KEMATANGAN MANAJEMEN INVESTASI TEKNOLOGI INFORMASI

2012 ◽  
Vol 6 (2) ◽  
pp. 126
Author(s):  
Benny Ranti ◽  
Johan Tambotoh
Keyword(s):  
It Governance ◽  
Steering Committee ◽  
Successful Implementation ◽  
Investment Management ◽  
Maturity Level ◽  
It Investment ◽  
Business Values ◽  
Level 3 ◽  
Level 1 ◽  
Owned Company

Salah satu pilar utama atau domain dari pengelolaan teknologi informasi (TI) adalah investasi TI. Oleh karena itu, strategi untuk mengelola investasi TI sangat penting untuk mendukung keberhasilan pelaksanaan pengelolaan TI (IT Governance). Perusahaan perlu mengetahui tingkat kematangan dari manajemen investasi TI yang dapat membantu mengelola investasi TI dengan benar. Penelitian ini melakukan pengukuran terhadap peningkatan level kematangan manajemen investasi TI pada perusahaan BUMN setelah mengaplikasikan studi kelayakan finansial berdasarkan Generic IS/IT Business Values oleh Ranti, pada setiap tahap investasi TI serta meningkatkan struktur organisasi TI dengan membentuk IT steering committee. Hasil dari penelitian ini menunjukkan bahwa level kematangan manajemen investasi TI meningkat dari level 1 menjadi level 3. One of the key pillars or domains of Information Technology (IT) Governance is IT investment. Therefore, the strategy to manage IT investment is essential to support the successful implementation of IT Governance. Companies need to know the maturity level of IT investment management that can help them managing the IT investment properly. This research measures the increase of IT investment management maturity level of a state-owned company in Indonesia (BUMN) after applying the Financial Feasibility Study based on Ranti's Generic IS/IT Business Values in each IT investment stage as well as improving IT organization structure by forming IT Steering Committee. The result of this study indicates that the level of IT investment management maturity has increased from level 1 to level 3.

scholarly journals Tingkat Ketahanan Sistem Informasi Administrasi Kependudukan (Studi pada Dinas Kependudukan dan Pencatatan Sipil Kota Yogyakarta)

2017 ◽  
Vol 23 (2) ◽  
pp. 21
Author(s):  
Aris Tundung ◽  
Tri Kuntoro Priyambodo ◽  
Armaidy Armawi
Keyword(s):  
Information System ◽  
Information Security ◽  
Public Services ◽  
Security Management ◽  
Population Data ◽  
Development Planning ◽  
Maturity Level ◽  
Information Security Management ◽  
Civil Registration ◽  
Yogyakarta City

ABSTRACTBureaucratic reforms aim to deliver excellence public services including civil registration service. The Law on Population Administration states that the use of the Population Administration Information System (SIAK) is one of the government's efforts to protect the secrecy, integrity and availability of population data related to its function as the basis for public services, development planning, budget allocation, democratic development, and law enforcement and criminal prevention. The study measures information technology resilience level by describing Yogyakarta City Civil Registry Service Office (Dindukcapil) information security management, the level of maturity and completeness of SIAK management, and SIAK success level. The study uses mixed method guided by ISO/IEC 27001document, Information Security (INFOSEC) Index form, and questionnaire prepared under the DeLone and McLane Models. Yogyakarta City Dindukcapil has not set up rules and documentation on information security management. The actions taken are reactive, not referring to overall risk without clear flow of authority and control. The study concludes the SIAK is "Highly Needed" by the Civil Registry Service Office of Yogyakarta City. The value of the information security management areas completeness level reaches 312 points out of maximum value 645 points. Those findings category SIAK security management into “Need Improvement" category. The maturity level of information security management range from "Maturity Level I/ Initial Condition" to "Maturity Level II+/ Basic Implementation". 77,3% users clarify “positive” perception and 1,2% users reveal “negative” judgement that made SIAK belongs to “Success” information system category.ABSTRAKReformasi birokrasi mengamanatkan peningkatan mutu dan kecepatan layanan publik pemerintah termasuk layanan administrasi kependudukan. Undang-undang tentang Administrasi Kependudukan menyebutkan penggunaan Sistem Informasi Administrasi Kependudukan (SIAK) merupakan salah satu usaha pemerintah untuk mengelola dan melindungi kerahasiaan, keutuhan dan ketersediaan data kependudukan terkait fungsinya sebagai dasar pelayanan publik, perencanaan pembangunan, alokasi anggaran, pembangunan demokrasi, dan penegakan hukum dan pencegahan kriminal. Penelitian dilakukan untuk mengetahui ketahanan sistem informasi SIAK melalui gambaran pengelolaan keamanan informasi Dindukcapil Kota Yogyakarta, tingkat kematangan dan kelengkapan pengelolaan SIAK, dan tingkat kesuksesan SIAK. Penelitian menggunakan metode campuran dengan menggunakan kisi-kisi ISO/IEC 27001, instrumen perhitungan dalam borang Indeks KAMI, dan kuesioner yang disusun berdasarkan Model DeLone dan McLane yang sudah diperbaharui yang mendiskusikan tentang Kualitas Informasi, Kualitas Sistem, Kualitas Pelayanan, Penggunaan, Kepuasan Pengguna, Manfaat Bersih (DeLone dan McLane, 2004: 32). Dindukcapil Kota Yogyakarta belum menyusun aturan dan dokumentasi pengelolaan keamanan informasi. Tindakan yang dilakukan bersifat reaktif, tidak mengacu pada keseluruhan risiko tanpa alur kewenangan dan pengawasan yang jelas. Peran SIAK termasuk dalam kategori “Tinggi” namun nilai kelengkapan penerapan standar pengelolaan keamanannya hanya mencapai 312 dari nilai total 645 sehingga pengelolaan keamanan SIAK masuk dalam kategori “Perlu Perbaikan”. Tingkat kematangan penerapan standar keamanan berkisar pada “Tingkat Kematangan I/ Kondisi Awal” sampai dengan “Tingkat Kematangan II+/ Penerapan Kerangka Kerja Dasar”. Tingkat kesuksesan SIAK termasuk dalam kategori “Sukses”, 77,3% pengguna memberikan pernyataan “positif” dan hanya 1,2% pengguna memberikan pernyataan “negatif”.

Sign in / Sign up

Export Citation Format

Share Document