scholarly journals Analisis Keamanan Sistem Informasi Berdasarkan Framework COBIT 5 Menggunakan Capability Maturity Model Integration (CMMI)

2019 ◽  
Vol 9 (1) ◽  
pp. 47
Author(s):  
Rusydi Umar ◽  
Imam Riadi ◽  
Eko Handoyo
Keyword(s):  
Information Technology ◽  
Information System ◽  
System Security ◽  
Security Level ◽  
Maturity Model ◽  
Information System Security ◽  
Capability Maturity ◽  
Information Technology Security ◽  
Technological Developments ◽  
Access Rights

Information technology is a very important part of a company or institution. The information system itself is expected to provide better benefits for companies or institutions. However, along with technological developments are often misused by some irresponsible parties that can lead to threats of the use of technology. Information system security is very important for institutions to maintain information optimally and safely. The existence of a security problem triggers a procedure to control access rights in an information system. A good information system is an information system that can be assessed at a security level, so that it can provide comfort for users. COBIT 5 as an information technology security control standard. Whereas to achieve the standard level of achievement CMMI is needed in information technology security. The combination of the two standards in the information system is able to provide a level of achievement of information technology. The results obtained from the maturity value are 4,458 which means the institutions are at the Managed and Measurable level. This level, institutions are increasingly made aware of technological developments. Institutions have implemented the quantification concept in each process, and are always monitored and controlled for performance. Information system security at this level is good, it's just that it still needs innovation and development to be ready, fast and right in handling security threats.

scholarly journals Analysis Security of SIA Based DSS05 on COBIT 5 Using Capability Maturity Model Integration (CMMI)

2019 ◽  
Vol 6 (2) ◽  
pp. 193-202
Author(s):  
Eko Handoyo ◽  
Rusydi Umar ◽  
Imam Riadi
Keyword(s):  
Information System ◽  
Information Systems ◽  
System Security ◽  
Security Level ◽  
Maturity Model ◽  
Maturity Level ◽  
Framework Analysis ◽  
Information System Security ◽  
Capability Maturity ◽  
Academic Information

A secure academic information system is part of the college. The security of academic information systems is very important to maintain information optimally and safely. Along with the development of technology, academic information systems are often misused by some irresponsible parties that can cause threats. To prevent these things from happening, it is necessary to know the extent to which the security of the academic information system of universities is conducted by evaluating. So the research was conducted to determine the Maturity Level on the governance of the security of University Ahmad Dahlan academic information system by using the COBIT 5 framework on the DSS05 domain. The DSS05 domain on COBIT 5 is a good framework to be used in implementing and evaluating related to the security of academic information systems. Whereas to find out the achievement of evaluation of academic information system security level, CMMI method is needed. The combination of the COBIT 5 framework on the DSS05 domain using the CMMI method in academic information system security is able to provide a level of achievement in the form of a Maturity Level value. The results of the COBIT 5 framework analysis of the DSS05 domain use the CMMI method to get a Maturity level of 4,458 so that it determines the achievement of the evaluation of academic information systems at the tertiary level is Managed and Measurable. This level, universities are increasingly open to technological developments. Universities have applied the quantification concept in each process, and are always monitored and controlled for performance in the security of academic information systems.

scholarly journals Analisis dan Audit Sistem Manajemen Keamanan Informasi (SMKI) pada Instansi Perpustakaan dan Arsip Daerah Kota Salatiga

2017 ◽  
Vol 3 (2) ◽  
pp. 279-284
Author(s):  
Gregorius Anung Hanindito
Keyword(s):  
Information Technology ◽  
Information System ◽  
System Security ◽  
Security Level ◽  
Physical Security ◽  
Information System Security ◽  
Security Control ◽  
Operation Control

Rapidly changing in Information Technology initiates various innovation that aims to provide convenience for enterprises, organizations, and institutions. Innovation is created to ease users in completing tasks and activities. Unfortunately, easiness in innovation gives chances of fraud and disruption to happen. This paper discusses how countermeasures on those issues are done in Salatiga Library and Archive Office using 4 (four) control aspects in Information System Audit: environtment security control, physical security control, logical security control, and IS operation control. This paper use three step of method, they are: planning and preparation, implementation, and reporting. The aim of this research is to examine the Information System security level in Salatiga Library and Archive Office.

scholarly journals KAMI index as an evaluation of academic information system security at XYZ university

2021 ◽  
Vol 11 (2) ◽  
pp. 55-62
Author(s):  
Andi Sofyan Anas ◽  
◽  
I Gusti Ayu Sri Devi Gayatri Utami ◽  
Adam Bachtiar Maulachela ◽  
Akbar Juliansyah ◽  
...  
Keyword(s):  
Information Technology ◽  
Information System ◽  
Information Security ◽  
System Security ◽  
Security Evaluation ◽  
Management Service ◽  
Maturity Level ◽  
Information System Security ◽  
Technology Governance ◽  
Academic Information

XYZ University is one of the universities that has used information technology to create quality service for students and the entire academic community. This Information technology service is managed by Information Technology and Communication Center (PUSTIK) which is responsible to carry out the development, management, service, and maintaining the security of information and communication technology. Good information technology governance should be able to maintain information security. Therefore, it is necessary to evaluate information system security especially the security of academic information systems. This information system security evaluation uses Keamanan Informasi (KAMI) Index which refers to the ISO/IEC 27001:2013 standard to be able to determine the maturity level of information security. An evaluation of five areas of the KAMI Index shows the Information Security Risk Management area gets the lowest score at 10 out of a total of 72. The result of the KAMI Index dashboard shows that the maturity level of each area of information security is at levels I and I+ with a total score of 166. This means that the level of completeness of implement ISO 27001:2013 standard is in the inadequate category.

scholarly journals Information System Security Audit Based on the DSS05 Framework Cobit 5 at Higher Education XX

2021 ◽  
Vol 9 (1) ◽  
pp. 35
Author(s):  
Rudolf Sinaga ◽  
Samsinar Samsinar ◽  
Renny Afriany
Keyword(s):  
Information System ◽  
System Security ◽  
Educational Institutions ◽  
Security Evaluation ◽  
Security Audit ◽  
Tertiary Institution ◽  
Information System Security ◽  
Access Rights ◽  
Commercial Organizations ◽  
To Receive

Currently, information has become a commodity or basic need, it can even be said that we are already in an "information-based social" era. It is undeniable that the ability to access and ensure the availability of information quickly and accurately has become a very essential component for an organization, whether in the form of social or commercial organizations, educational institutions such as universities, government agencies, and individuals. Various channels were created to regulate access rights to information, to prevent unauthorized people from accessing it, to minimize losses for the owner of the information. Based on the results of interviews with the research object of XX college, there are still frequent disruptions to information system security such as attacks on servers that result in server downtime, attacks on institutional e-mails that result in being unable to receive or even send e-mails, and other disturbances. This certainly harms information services at the tertiary institution, therefore an information system security audit is required. This study aims to measure the level of information system security capabilities using the Cobit 5 framework in the APO13 and DSS05 domains. Based on the results of the audit, it was found that the GAP value was 3.6 for the APO13 domain or at level 1 while 3.4 for the GAP DSS05 value or at level 2, it can be concluded that the information system security maturity level is still very low so that it needs improvement. It is recommended to make SOPs and documentation of maintenance, control, and periodic security evaluation, install an antivirus that has high and up to date protection accuracy, and make regular maintenance reports both on software and hardware.

scholarly journals Fuzzy Comprehensive Evaluation Algorithm for Power Information System Security Level Based on the Internet of Things

2016 ◽  
Vol 12 (05) ◽  
pp. 17
Author(s):  
Zeng Ming ◽  
Wang Shicheng
Keyword(s):  
Information System ◽  
Power Systems ◽  
Comprehensive Evaluation ◽  
System Security ◽  
Fuzzy Comprehensive Evaluation ◽  
The Internet ◽  
Security Level ◽  
Safe Operation ◽  
Information System Security ◽  
The Internet Of Things

With the development of information and communications technology, communication technology has been widely used in the electric power industry and has brought threats to the safe operation of power systems. Things can not only connect people; things can also connect other things. Therefore, the Internet of things plays an important role in power information system security. This study proposes a triangular fuzzy number weight method to calculate the index weight based on the analysis of the existing fuzzy algorithm and the security of a power information system. A fuzzy comprehensive evaluation model is established in accordance with matrix theory, statistical theory, and other methods after experimental data are analyzed. Results show that this algorithm can accurately evaluate system status and provide reference for managing power systems. The fuzzy algorithm for power information system security level ensures the safe operation of the power system and promotes its healthy development. This algorithm can significantly promote economic development in China.

Sign in / Sign up

Export Citation Format

Share Document