scholarly journals Analisis Keamanan Informasi Menggunakan Tools Indeks Kami ISO 4.1

2021 ◽  
Vol 2 (2) ◽  
pp. 78-86
Author(s):  
Ade Kornelia ◽  
Dedi Irawan
Keyword(s):  
Information Technology ◽  
Information Security ◽  
Information Management ◽  
Applied Research ◽  
Good Information ◽  
Maturity Level ◽  
Certification Process ◽  
International Standard ◽  
Managerial Skills ◽  
Iso 27001

Information is a very valuable asset for a university institution. Utilization of information technology offers various conveniences in obtaining the information needed. Good information management can make universities have good managerial skills. protecting information security means that it also requires efforts to pay attention to the security factors of all supporting assets such as networks, as well as other facilities that are directly or indirectly related to the process of organizing information. Bina Darma University is an institution that is engaged in the field of education and science, which has a vision that is to become an International Standard University Based on Information Technology By 2025, to realize this there are several efforts prepared, one of which is to improve information security by implementing the ISO 27001 certification process. :2013. So in the context of Bina Darma University will implement ISO 27001: 2013. Using the method of Applied Research (applied research) the author took the initiative to conduct research with the title ANALYSIS OF INFORMATION SECURITY USING OUR INDEX TOOLS 4.1 So as to produce Knowing the maturity level of information security with a status of Inappropriate, Needs improvement , Enough and Good at Bina Darma University.

scholarly journals Desain dan Implementasi Standar Operasional Prosedur (SOP) Keamanan Sistem Informasi Fakultas Teknik Universitas Diponegoro Menggunakan Standar ISO 27001

2015 ◽  
Vol 3 (3) ◽  
pp. 387
Author(s):  
Penji Prasetya ◽  
Adian Fatchur Rochim ◽  
Ike Pertiwi Windasari
Keyword(s):  
Information Technology ◽  
Information Security ◽  
Security Policy ◽  
Qualitative Methodology ◽  
Standard Operating Procedures ◽  
Final Project ◽  
Security Controls ◽  
Standard Operating ◽  
Initial Objective ◽  
Iso 27001

Like today's modern era, information technology is needed to support the business processes of the organization. In the use of information technology organization must have policies and standard operating procedures are good that any work carried out in the appropriate direction of the organization. Not only that, the organization must also pay attention to information security of any assets owned. This final project aims to make policies and standard operating procedures (SOP) and assessing the information security risk in the assets of the organization. In the process of this skripsi refers to the standard of ISO 27001 as the standard for information security management and use of qualitative methodology, where qualitative methodology is a methodology that produces descriptive data in the form of words written or spoken of people and behaviors that can be observed. This final project resulted in the level of risk that is contained in the value of assets and generate recommendations to improve the security controls in the information security of assets based on the clauses of ISO 27001. In accordance with the initial objective of this final project also produce information security policy document and document information security standard operating procedures.

scholarly journals Maturity Framework Analysis ISO 27001: 2013 on Indonesian Higher Education

2020 ◽  
Vol 9 (2) ◽  
pp. 429
Author(s):  
IGN Mantra ◽  
Aedah Abd. Rahman ◽  
Hoga Saragih
Keyword(s):  
Higher Education ◽  
Information System ◽  
Information Security ◽  
Security Management ◽  
System Security ◽  
Maturity Level ◽  
Information Security Management ◽  
Security Practices ◽  
Level 3 ◽  
Iso 27001

Information Security Management System (ISMS) implementation in Institution is an effort to minimize information security risks and threats such as information leakage, application damage, data loss and declining IT network performance. The several incidents related to information security have occurred in the implementation of the Academic System application in Indonesian higher education. This research was conducted to determine the maturity level of information security practices in Academic Information Systems at universities in Indonesia. The number of universities used as research samples were 35 institutions. Compliance with the application of ISO 27001:2013 standard is used as a reference to determine the maturity level of information system security practices. Meanwhile, to measure and calculate the level of maturity using the SSE-CMM model. In this research, the Information System Security Index obtained from the analysis results can be used as a tool to measure the maturity of information security that has been applied. There are six key areas examined in this study, namely the role and importance of ICT, information security governance, information security risk management, information security management framework, information asset management, and information security technology. The results showed the level of information security maturity at 35 universities was at level 2 Managed Process and level 3 Established Process. The composition is that 40% of universities are at level 3, and 60% are out of level 3. The value of the gap between the value of the current maturity level and the expected level of maturity is varied for each clause (domain). The smallest gap (1 level) is in clause A5: Information Security Policy, clause A9: Access Control, and clause A11: Physical and environmental security. The biggest gap (4 levels) is in clause A14: System acquisition, development and maintenance and clause A18: compliance.   

scholarly journals KAMI index as an evaluation of academic information system security at XYZ university

2021 ◽  
Vol 11 (2) ◽  
pp. 55-62
Author(s):  
Andi Sofyan Anas ◽  
◽  
I Gusti Ayu Sri Devi Gayatri Utami ◽  
Adam Bachtiar Maulachela ◽  
Akbar Juliansyah ◽  
...  
Keyword(s):  
Information Technology ◽  
Information System ◽  
Information Security ◽  
System Security ◽  
Security Evaluation ◽  
Management Service ◽  
Maturity Level ◽  
Information System Security ◽  
Technology Governance ◽  
Academic Information

XYZ University is one of the universities that has used information technology to create quality service for students and the entire academic community. This Information technology service is managed by Information Technology and Communication Center (PUSTIK) which is responsible to carry out the development, management, service, and maintaining the security of information and communication technology. Good information technology governance should be able to maintain information security. Therefore, it is necessary to evaluate information system security especially the security of academic information systems. This information system security evaluation uses Keamanan Informasi (KAMI) Index which refers to the ISO/IEC 27001:2013 standard to be able to determine the maturity level of information security. An evaluation of five areas of the KAMI Index shows the Information Security Risk Management area gets the lowest score at 10 out of a total of 72. The result of the KAMI Index dashboard shows that the maturity level of each area of information security is at levels I and I+ with a total score of 166. This means that the level of completeness of implement ISO 27001:2013 standard is in the inadequate category.

scholarly journals Analisis Manajemen Keamanan Informasi Menggunakan Standard ISO 27001:2005 Pada Staff IT Support Di Instansi XYZ

2019 ◽  
Vol 2 (2) ◽  
Author(s):  
Titus Kristanto ◽  
Mohammad Sholik ◽  
Dewi Rahmawati ◽  
Muhammad Nasrullah
Keyword(s):  
Information Technology ◽  
Information Security ◽  
Security Management ◽  
Risk Level ◽  
Educational Organizations ◽  
Information Security Management ◽  
Technical Problems ◽  
Research Results ◽  
It Support ◽  
Iso 27001

Information security management is very important to use, especially for educational instutions, because it is able to reduce the risk of threats to the use of information technology for educational organizations. Information security management is indispensable as an effort to minimize the risk of data enhancement and information threats. Implementation of information security management is intended to know technical problems and non technical problems. The research uses the ISO 27001:2005 standard is very flexible depending on the needs of the organization and focus on information security management. The research results using the ISO 27001:2005 standard is able to reduce the risk level and perform some activities that must be improved to improve information security at XYZ institutions.

scholarly journals Information Security: Theoretical and Applied Aspects

2021 ◽  
pp. 183-191
Author(s):  
А.Н. Сухов
Keyword(s):  
Information Technology ◽  
Information Security ◽  
Cyber Security ◽  
Security Policy ◽  
Applied Research ◽  
Negative Effects ◽  
Relevant Issue ◽  
Information Platform ◽  
External Threats ◽  
Technology Addiction

В статье раскрывается актуальность исследования информационной безопасности, а также рассматриваются внешние и внутренние угрозы для ее обеспечения, анализируются возникающие сложности. С данным видом безопасности связана позитивная модель развития общества, поэтому не случайно наиболее важной задачей является создание полноценной теории информационной безопасности. Без этого невозможно вести речь об эффективном устранении ряда негативных последствий информатизации общества. Важной задачей является обеспечение защиты личности и общества в целом от информационно-психологических, деструктивных угроз, в том числе преодоление интернет- и других видов информационной зависимости. Теория информационной безопасности — составная часть социальной психологии безопасности. Для ее полного оформления предстоит еще немало сделать как в теоретическом, так и прикладном плане. Прежде всего имеется в виду создание национальной информационной платформы. В настоящее время существует настоятельная потребность в развитии компетентности в области информационной безопасности не только среди профессионалов, но и различных групп населения. The article focuses on a relevant issue of investigating information security. It treats internal and external threats that affect information security and problems that are associated with information security retention. Effective information security policy is a prerequisite for efficient social development, therefore it is essential to develop a full-fledged information security theory, otherwise it is impossible to efficiently eliminate negative effects of community informatization. It is essential to ensure information security of an individual and society, to protect people and community from destructive informational and psychological threats, to help people overcome their internet addiction and other disorders related to information technology addiction. Information security theory is a branch of social security psychology. It requires a lot of theoretical and applied research. The creation of a nationwide information platform is the first step to make. Nowadays there is an urgent necessity to improve information security competence of both cyber security specialists and laymen.

scholarly journals Pengembangan Aplikasi Simarsip untuk Penyusutan Arsip di Lembaga Penelitian dan Pengabdian Kepada Masyarakat Universitas Negeri Surabaya

2021 ◽  
Vol 12 (2) ◽  
pp. 111
Author(s):  
Nurmika Simanullang
Keyword(s):  
Information Technology ◽  
Information Management ◽  
Administrative Staff ◽  
State University ◽  
Good Information ◽  
Administrative Process ◽  
The Public ◽  
The Government ◽  
Role Of It

AbstractAlong with the development of information technology (IT) whose role is very supportive of human activities in this era of globalization, it is believed that the role of IT is also to optimize working time more practically, effectively, and efficiently. Appropriate and good information management really supports the performance of each existing element. IT has become one of the basic needs at this time, both in the government and private sectors, requiring IT to be an important part of supporting the administrative process and the process of changing situations and conditions that are developing rapidly.This study aims to develop or create a Simarsip application in the hope of being able to provide information about the archive shrinkage time in accordance with the archive retention schedule (JRA) which is able to accommodate archive shrinkage activities within the Research Institute for the Public, State University of Surabaya and facilitate the destruction of archives. The Simarsip application is targeted by users who are archivists, especially researchers and general administrative staff within LPPM Unesa offline, with the hope that it can also be used by other units in need by hosting and to facilitate the use of the Simarsip application, implementing research, making user manuals, and for development. The next Simarsip application can be developed for subsequent research into an online-based webside.Keywords:  Sim archive Application; Depreciation archives; Archives Retention Schedule (JRA) AbstrakSeiring dengan semakin berkembangnya teknologi informasi (TI) yang perannya sangat mendukung aktivitas manusia pada era globalisasi ini yang diyakini peran TI juga mengoptimalkan  waktu bekerja lebih praktis, efektif, dan efisien. Manajemen informasi yang tepat dan baik sangat mendukung kinerja tiap elemen yang ada. TI menjadi salah satu kebutuhan pokok saat ini baik disektor pemerintah maupun sektor swasta membutuhkan TI menjadi bagian penting mendukung proses administrasi dan proses perubahan pada situasi  yang sangat berkembang secara cepat. Penelitian ini bertujuan untuk mengembangkan atau membuat Aplikasi Sim arsip dengan harapan mampu memberikan informasi tentang waktu penyusutan arsip sesuai dengan jadwal retensin arsip (JRA) yang mampu mewadahi kegiatan penyusutan arsip dilingkungan Lembaga Penelitian dan Pengabdian kepada Masyarakat (LPPM) Universitas Negeri Surabaya (Unesa)  serta mempermudah pemusnahan arsip. Aplikasi Sim arsip sasaran pengguna adalah pemangku jabatan Arsiparis utamanya pelaksana peneliti dan tenaga administrasi umum dilingkungan LPPM Unesa secara offline, dengan harapan dapat juga dipakai oleh unit lain yang membutuhkan dengan cara Hosting dan untuk mempermudah penggunaan Aplikasi Simarsip pelaksana penelitian membuat buku petunjuk penggunaan, dan untuk pengembangan Aplikasi Simarsip berikutnya dapat dikembangkan penelitian berikutnya menjadi webside berbasis online.Kata kunci:Aplikasi Sim arsip; Penyusutan Arsip; Jadwal Retensi Arsip (JRA)AbstractAlong with the development of information technology (IT) whose role is very supportive of human activities in this era of globalization, it is believed that the role of IT is also to optimize working time more practically, effectively, and efficiently. Appropriate and good information management really supports the performance of each existing element. IT has become one of the basic needs at this time, both in the government and private sectors, requiring IT to be an important part of supporting the administrative process and the process of changing situations and conditions that are developing rapidly.This study aims to develop or create a Simarsip application in the hope of being able to provide information about the archive shrinkage time in accordance with the archive retention schedule (JRA) which is able to accommodate archive shrinkage activities within the Research Institute for the Public, State University of Surabaya and facilitate the destruction of archives. The Simarsip application is targeted by users who are archivists, especially researchers and general administrative staff within LPPM Unesa offline, with the hope that it can also be used by other units in need by hosting and to facilitate the use of the Simarsip application, implementing research, making user manuals, and for development. The next Simarsip application can be developed for subsequent research into an online-based webside.Keywords:  Sim archive Application; Depreciation archives; Archives Retention Schedule (JRA) AbstrakSeiring dengan semakin berkembangnya teknologi informasi (TI) yang perannya sangat mendukung aktivitas manusia pada era globalisasi ini yang diyakini peran TI juga mengoptimalkan  waktu bekerja lebih praktis, efektif, dan efisien. Manajemen informasi yang tepat dan baik sangat mendukung kinerja tiap elemen yang ada. TI menjadi salah satu kebutuhan pokok saat ini baik disektor pemerintah maupun sektor swasta membutuhkan TI menjadi bagian penting mendukung proses administrasi dan proses perubahan pada situasi  yang sangat berkembang secara cepat. Penelitian ini bertujuan untuk mengembangkan atau membuat Aplikasi Sim arsip dengan harapan mampu memberikan informasi tentang waktu penyusutan arsip sesuai dengan jadwal retensin arsip (JRA) yang mampu mewadahi kegiatan penyusutan arsip dilingkungan Lembaga Penelitian dan Pengabdian kepada Masyarakat (LPPM) Universitas Negeri Surabaya (Unesa)  serta mempermudah pemusnahan arsip. Aplikasi Sim arsip sasaran pengguna adalah pemangku jabatan Arsiparis utamanya pelaksana peneliti dan tenaga administrasi umum dilingkungan LPPM Unesa secara offline, dengan harapan dapat juga dipakai oleh unit lain yang membutuhkan dengan cara Hosting dan untuk mempermudah penggunaan Aplikasi Simarsip pelaksana penelitian membuat buku petunjuk penggunaan, dan untuk pengembangan Aplikasi Simarsip berikutnya dapat dikembangkan penelitian berikutnya menjadi webside berbasis online.Kata kunci: Aplikasi Sim arsip; Penyusutan Arsip; Jadwal Retensi Arsip (JRA)

Sign in / Sign up

Export Citation Format

Share Document