scholarly journals Analysis Security of SIA Based DSS05 on COBIT 5 Using Capability Maturity Model Integration (CMMI)

2019 ◽  
Vol 6 (2) ◽  
pp. 193-202
Author(s):  
Eko Handoyo ◽  
Rusydi Umar ◽  
Imam Riadi
Keyword(s):  
Information System ◽  
Information Systems ◽  
System Security ◽  
Security Level ◽  
Maturity Model ◽  
Maturity Level ◽  
Framework Analysis ◽  
Information System Security ◽  
Capability Maturity ◽  
Academic Information

A secure academic information system is part of the college. The security of academic information systems is very important to maintain information optimally and safely. Along with the development of technology, academic information systems are often misused by some irresponsible parties that can cause threats. To prevent these things from happening, it is necessary to know the extent to which the security of the academic information system of universities is conducted by evaluating. So the research was conducted to determine the Maturity Level on the governance of the security of University Ahmad Dahlan academic information system by using the COBIT 5 framework on the DSS05 domain. The DSS05 domain on COBIT 5 is a good framework to be used in implementing and evaluating related to the security of academic information systems. Whereas to find out the achievement of evaluation of academic information system security level, CMMI method is needed. The combination of the COBIT 5 framework on the DSS05 domain using the CMMI method in academic information system security is able to provide a level of achievement in the form of a Maturity Level value. The results of the COBIT 5 framework analysis of the DSS05 domain use the CMMI method to get a Maturity level of 4,458 so that it determines the achievement of the evaluation of academic information systems at the tertiary level is Managed and Measurable. This level, universities are increasingly open to technological developments. Universities have applied the quantification concept in each process, and are always monitored and controlled for performance in the security of academic information systems.

scholarly journals Analisis Keamanan Sistem Informasi Berdasarkan Framework COBIT 5 Menggunakan Capability Maturity Model Integration (CMMI)

2019 ◽  
Vol 9 (1) ◽  
pp. 47
Author(s):  
Rusydi Umar ◽  
Imam Riadi ◽  
Eko Handoyo
Keyword(s):  
Information Technology ◽  
Information System ◽  
System Security ◽  
Security Level ◽  
Maturity Model ◽  
Information System Security ◽  
Capability Maturity ◽  
Information Technology Security ◽  
Technological Developments ◽  
Access Rights

Information technology is a very important part of a company or institution. The information system itself is expected to provide better benefits for companies or institutions. However, along with technological developments are often misused by some irresponsible parties that can lead to threats of the use of technology. Information system security is very important for institutions to maintain information optimally and safely. The existence of a security problem triggers a procedure to control access rights in an information system. A good information system is an information system that can be assessed at a security level, so that it can provide comfort for users. COBIT 5 as an information technology security control standard. Whereas to achieve the standard level of achievement CMMI is needed in information technology security. The combination of the two standards in the information system is able to provide a level of achievement of information technology. The results obtained from the maturity value are 4,458 which means the institutions are at the Managed and Measurable level. This level, institutions are increasingly made aware of technological developments. Institutions have implemented the quantification concept in each process, and are always monitored and controlled for performance. Information system security at this level is good, it's just that it still needs innovation and development to be ready, fast and right in handling security threats.

scholarly journals AUDIT KEAMANAN SISTEM INFORMASI AKADEMIK DENGAN KERANGKA KERJA ISO 27001 DI PROGRAM STUDI SISTEM INFORMASI UNIKOM

2018 ◽  
Vol 16 (2) ◽  
pp. 121-131
Author(s):  
Marliana Budhiningtias Winanti ◽  
Ismail Dzulhan
Keyword(s):  
Information System ◽  
Information Systems ◽  
System Security ◽  
Primary System ◽  
Process Data ◽  
Security Audit ◽  
Information System Security ◽  
Security Controls ◽  
Academic Information ◽  
Iso 27001

Academic Information Systems Prodi UNIKOM Information System is the primary system used in the Information Systems Prodi process data and information about lectures and students. But in this system still found a lack of control of physical and logical security. To find out how your system security in organizations, information systems need security audit to determine whether security information is in accordance with the security procedures of management. Standardization used here is ISO 27001, this standards have been an international standards organization that is structured on the management of information security systems. Implementation of academic information system security audit is done by using the Audit Checklist ISO 27001: 2005. Audit results found security controls are still less well as the roles and responsibilities of employee safety, physical protection from disasters and power failures, data validation, and data backup are less regular. So the academic information system security controls is still need to be repairs in accordance with the recommendation.

scholarly journals KAMI index as an evaluation of academic information system security at XYZ university

2021 ◽  
Vol 11 (2) ◽  
pp. 55-62
Author(s):  
Andi Sofyan Anas ◽  
◽  
I Gusti Ayu Sri Devi Gayatri Utami ◽  
Adam Bachtiar Maulachela ◽  
Akbar Juliansyah ◽  
...  
Keyword(s):  
Information Technology ◽  
Information System ◽  
Information Security ◽  
System Security ◽  
Security Evaluation ◽  
Management Service ◽  
Maturity Level ◽  
Information System Security ◽  
Technology Governance ◽  
Academic Information

XYZ University is one of the universities that has used information technology to create quality service for students and the entire academic community. This Information technology service is managed by Information Technology and Communication Center (PUSTIK) which is responsible to carry out the development, management, service, and maintaining the security of information and communication technology. Good information technology governance should be able to maintain information security. Therefore, it is necessary to evaluate information system security especially the security of academic information systems. This information system security evaluation uses Keamanan Informasi (KAMI) Index which refers to the ISO/IEC 27001:2013 standard to be able to determine the maturity level of information security. An evaluation of five areas of the KAMI Index shows the Information Security Risk Management area gets the lowest score at 10 out of a total of 72. The result of the KAMI Index dashboard shows that the maturity level of each area of information security is at levels I and I+ with a total score of 166. This means that the level of completeness of implement ISO 27001:2013 standard is in the inadequate category.

Cyber Security Analysis of Academic Services based on Domain Delivery Services and Support using Indonesian E-Government Ratings (PEGI)

2020 ◽  
pp. 263-270
Author(s):  
Imam Riadi ◽  
Iwan Tti Riyadi Yanto ◽  
Eko Handoyo
Keyword(s):  
Higher Education ◽  
Information Systems ◽  
Information Service ◽  
Information Services ◽  
Security Evaluation ◽  
Security Level ◽  
Framework Analysis ◽  
Academic Information ◽  
Education Academic ◽  
Academic Services

Safe academic services are the most important part of universities. The security of academic services is very important to maintain information optimally and safely. Along with the development of technology, academic information services are often misused by some irresponsible parties that can cause threats. To prevent these things from happening, it is necessary to know the extent of governance of higher education academic information system security by evaluating. So the research was conducted to determine the maturity of the security of Higher Education academic information service security by using the COBIT 5 framework in the DSS05 domain. The DSS05 domain in COBIT 5 is a good framework for use in implementing and evaluating the security of academic information services. Meanwhile, to determine the achievement of the evaluation of the security level of academic information systems, the Indonesian e-government ranking (PEGI) method is required. The combination of the COBIT 5 framework in the DSS05 domain using the PEGI method in academic information security service is able to provide a level of achievement in the form of Customer Value. The results of the COBIT 5 framework analysis of the DSS05 domain using the PEGI method get a score of 3.50 so that the quality of academic information service security evaluation achievement is at a very good level. At this level, universities are increasingly open to technological development. Higher education has applied the concept of quantification in every process, and has always been monitored and controlled for its performance in the security of academic information systems.

Software Development for Information System - Achieving Optimum Quality with Security

2017 ◽  
Vol 8 (4) ◽  
pp. 1-20
Author(s):  
Syeda Umema Hani ◽  
Abu Turab Alam
Keyword(s):  
Information System ◽  
Information Systems ◽  
Software Development ◽  
Competitive Advantage ◽  
Process Improvement ◽  
System Development ◽  
Maturity Model ◽  
Capability Maturity ◽  
Quality Practices ◽  
Standard Quality

Information Systems acquisition, implementation, and development have been taking place in business organization to gain the competitive advantage. Rapid advancement of Technology is also popping up unethical issues involving violations of End users' data protection and privacy. This article discusses standard quality practices adhere to which a good quality software product is guaranteed while supporting the organizational strategic needs. It presents a framework that bridges Quality software development process improvement with strategic needs of an organization. Standard practices under consideration includes Capability Maturity Model for Development (CMMI-DEV) while using multi-model Process Improvement approach where an organization could use Balance Score Card technique while setting its strategic goals and monitoring their performance related to Information System development, and also link it with Information System management framework “Control Objectives for Information and Related Technology” (COBIT) - 5 released by Information Systems Audit and Control Association (ISACA), so that users could easily switch between the two standards. In last benefits are reported for using quality practices to realize attainment of competitive advantage.

scholarly journals EVALUASI TINGKAT KEMATANGAN PROSES DELIVERY AND SUPPORT PADA IMPLEMENTASI SISTEM INFORMASI AKADEMIK UNIVERSITAS NEGERI PADANG BERDASARKAN KERANGKA KERJA COBIT 4.0

2018 ◽  
Author(s):  
Syukhri ◽  
Nizwardi Jalinus ◽  
Ganefri
Keyword(s):  
Information System ◽  
Information Systems ◽  
Direct Observation ◽  
State University ◽  
Research Subjects ◽  
Maturity Level ◽  
Service Desk ◽  
Continuous Service ◽  
Level 3 ◽  
Academic Information

This study was conducted to determine maturity level of Delivery and Support process on the implementation of the Academic Information System Padang State University, according to the criteria in the Control Objectives for Information and Related Technology (COBIT). Processes evaluated were (1) Ensure Continuous Service, (2) Manage Service Desk and Incidents, and (3) Manage Data. The method used in this study is a questionnaire with the appropriate research subjects RACI diagram mapping, and direct observation of Academic Information Systems, State University of Padang. The findings showed the maturity level of the process ensure continuous service, manage service desk and incidents, and manage data in the implementation of the Academic Information System Padang State University is located on level 3 (the process is defined). Results of evaluation of the maturity level is fundamental in determining the proposed improvements to the management of the State University of Padang in order to improve the service.

scholarly journals Challenges Facing Information Systems Security Management in Higher Learning Institutions: A Case Study of the Catholic University of Eastern Africa - Kenya

2014 ◽  
Vol 3 (1) ◽  
pp. 336-349
Author(s):  
Bichanga Walter Okibo ◽  
Obara Brigit Ochiche
Keyword(s):  
Information System ◽  
Information Systems ◽  
Security Management ◽  
System Security ◽  
Higher Learning ◽  
Eastern Africa ◽  
Information Systems Security ◽  
Information System Security ◽  
Systems Security ◽  
Learning Institutions

With the popularity of internet applications, many organizations are facing unprecedented security challenges. Security techniques and management tools have caught a lot of attention from both academia and practitioners. However, there is lacking a theoretical framework for the challenges facing information security management in higher learning institutions. Thus this research looked into the challenges facing information systems security management in higher learning institutions. The study was guided by understanding the major challenges facing Information Systems Security Management and establishing the extent of the use of Information Systems Security Management in higher learning institutions. The study used descriptive survey design. It targeted information systems projects managers, administrators or top management and other users (staff) of the systems in key departments. Systematic sampling strategy was used. Descriptive statistics of SPSS were used to analyze the data. Factor analysis technique was used to identify the major challenges that affect management of an institution’s information system security. Pearson’s Chi-Square was used to test the relationships that exist between the categorical variables. The study found out that system vulnerability, computer crime and abuse, environmental security and financial backing/security are key challenges institutions of higher learning are experiencing in the management of their information systems. The study recommends the implementation of new policies and procedures to guide information system security. Programs for monitoring and evaluating information systems security in relation to performance indicators should be put in place. Institutions should invest heavily in developing their staff through training programmes such as seminars, workshops and conferences to further develop staff skills and abilities on information systems security issues.

Sign in / Sign up

Export Citation Format

Share Document