An Information System Security Evaluation Model Based on AHP and GRAP

2009 ◽  
Author(s):  
Xu Cuihua ◽  
Lin Jiajun
Keyword(s):  
Information System ◽  
Evaluation Model ◽  
System Security ◽  
Security Evaluation ◽  
Information System Security ◽  
Model Based

scholarly journals KAMI index as an evaluation of academic information system security at XYZ university

2021 ◽  
Vol 11 (2) ◽  
pp. 55-62
Author(s):  
Andi Sofyan Anas ◽  
◽  
I Gusti Ayu Sri Devi Gayatri Utami ◽  
Adam Bachtiar Maulachela ◽  
Akbar Juliansyah ◽  
...  
Keyword(s):  
Information Technology ◽  
Information System ◽  
Information Security ◽  
System Security ◽  
Security Evaluation ◽  
Management Service ◽  
Maturity Level ◽  
Information System Security ◽  
Technology Governance ◽  
Academic Information

XYZ University is one of the universities that has used information technology to create quality service for students and the entire academic community. This Information technology service is managed by Information Technology and Communication Center (PUSTIK) which is responsible to carry out the development, management, service, and maintaining the security of information and communication technology. Good information technology governance should be able to maintain information security. Therefore, it is necessary to evaluate information system security especially the security of academic information systems. This information system security evaluation uses Keamanan Informasi (KAMI) Index which refers to the ISO/IEC 27001:2013 standard to be able to determine the maturity level of information security. An evaluation of five areas of the KAMI Index shows the Information Security Risk Management area gets the lowest score at 10 out of a total of 72. The result of the KAMI Index dashboard shows that the maturity level of each area of information security is at levels I and I+ with a total score of 166. This means that the level of completeness of implement ISO 27001:2013 standard is in the inadequate category.

scholarly journals Information System Security Audit Based on the DSS05 Framework Cobit 5 at Higher Education XX

2021 ◽  
Vol 9 (1) ◽  
pp. 35
Author(s):  
Rudolf Sinaga ◽  
Samsinar Samsinar ◽  
Renny Afriany
Keyword(s):  
Information System ◽  
System Security ◽  
Educational Institutions ◽  
Security Evaluation ◽  
Security Audit ◽  
Tertiary Institution ◽  
Information System Security ◽  
Access Rights ◽  
Commercial Organizations ◽  
To Receive

Currently, information has become a commodity or basic need, it can even be said that we are already in an "information-based social" era. It is undeniable that the ability to access and ensure the availability of information quickly and accurately has become a very essential component for an organization, whether in the form of social or commercial organizations, educational institutions such as universities, government agencies, and individuals. Various channels were created to regulate access rights to information, to prevent unauthorized people from accessing it, to minimize losses for the owner of the information. Based on the results of interviews with the research object of XX college, there are still frequent disruptions to information system security such as attacks on servers that result in server downtime, attacks on institutional e-mails that result in being unable to receive or even send e-mails, and other disturbances. This certainly harms information services at the tertiary institution, therefore an information system security audit is required. This study aims to measure the level of information system security capabilities using the Cobit 5 framework in the APO13 and DSS05 domains. Based on the results of the audit, it was found that the GAP value was 3.6 for the APO13 domain or at level 1 while 3.4 for the GAP DSS05 value or at level 2, it can be concluded that the information system security maturity level is still very low so that it needs improvement. It is recommended to make SOPs and documentation of maintenance, control, and periodic security evaluation, install an antivirus that has high and up to date protection accuracy, and make regular maintenance reports both on software and hardware.

scholarly journals Information System Security Evaluation Algorithm Based on PSO-BP Neural Network

2021 ◽  
Vol 2021 ◽  
pp. 1-11
Author(s):  
Qinghua Zheng
Keyword(s):  
Neural Network ◽  
Information System ◽  
Bp Neural Network ◽  
System Security ◽  
Bp Algorithm ◽  
Security Evaluation ◽  
Information System Security ◽  
The Core ◽  
Network Algorithm ◽  
Neural Network Algorithm

With the deepening of big data and the development of information technology, the country, enterprises, organizations, and even individuals are more and more dependent on the information system. In recent years, all kinds of network attacks emerge in an endless stream, and the losses are immeasurable. Therefore, the protection of information system security is a problem that needs to be paid attention to in the new situation. The existing BP neural network algorithm is improved as the core algorithm of the security intelligent evaluation of the rating information system. The input nodes are optimized. In the risk factor identification stage, most redundant information is filtered out and the core factors are extracted. In the risk establishment stage, the particle swarm optimization algorithm is used to optimize the initial network parameters of BP neural network algorithm to overcome the dependence of the network on the initial threshold, At the same time, the performance of the improved algorithm is verified by simulation experiments. The experimental results show that compared with the traditional BP algorithm, PSO-BP algorithm has faster convergence speed and higher accuracy in risk value prediction. The error value of PSO-BP evaluation method is almost zero, and there is no error fluctuation in 100 sample tests. The maximum error value is only 0.34 and the average error value is 0.21, which proves that PSO-BP algorithm has excellent performance.

Sign in / Sign up

Export Citation Format

Share Document