Analisis Tingkat Kematangan (Maturity Level) Dan PDCA (Plan-Do-Check-Act) Dalam Penerapan Audit Sistem Manajemen Keamanan Informasi Pada PT Indonesia Game Menggunakan Metode ISO 27001:2013
- Eri Riana Universitas Bina Sarana Informatika, Jakarta, Indonesia
-
Meiva Eka Sri Sulistyawati
*
Universitas Bina Sarana Informatika, Jakarta,
Indonesia
- Octa Pratama Putra Universitas Bina Sarana Informatika, Jakarta, Indonesia (*) Corresponding Author
Abstract
It has become a current requirement in every company regarding the implementation of governance in the ICT field in an effort to improve service quality. For this reason, it is necessary to implement and at the same time carry out an ISMS periodic audit process in companies using the ISO 27001: 2013 standard. Based on the audit and research results found in Annex 7 has the lowest level compared to the other Annexes, because the work instruction documentation related to labeling has not been registered in the main document so it needs to be adjusted to the main document. existing procedures with titles, so they are not synchronized. Overall the use of ISO 27001: 2013 has been going well with a maturity level value of 97.45% level 5. With almost all annexes and clauses meeting the standards of ISO 27001: 2013, so from the results this research It is hoped that the company can make improvements again in carrying out the document archive process so that it makes it easier for the auditor to carry out internal external audits and can carry out all activities in accordance with those in the ISO 27001: 2013 standard.
Downloads
References
D. Rutanaji, S. S. Kusumawardani, and W. W. Winarno, “ISO 27001 sebagai Metode Alternatif bagi Perancangan Tata Kelola Keamanan Informasi (Sebuah Usulan untuk Diterapkan di Arsip Nasional RI),” Pros. Semin. Nas. ReTII ke-12 2017, pp. 168–173, 2017, [Online]. Available: https://journal.itny.ac.id/index.php/ReTII/article/view/604.
W. Apriandari and A. Sasongko, “Analisis Sistem Manajemen Keamanan Informasi Menggunakan Sni Iso / Iec 27001 : 2013 Pada Pemerintahan Daerah Kota Sukabumi ( Studi Kasus : Di Diskominfo Kota Sukabumi ),” Ilm. SANTIKA, vol. 8, no. 1, pp. 715–729, 2018.
H. Jauhary, G. E. Pratiwi2, A. Z. Salim, and F. Fitroh, “Penerapan ISO27001 dalam Menjaga dan Meminimalisir Risiko Keamanan Informasi : Literatur Review,” Media J. Inform., vol. 14, no. 1, p. 43, 2022, doi: 10.35194/mji.v14i1.1581.
D. Y. Putra, T. Wati, and I. W. Widi P, “Audit Keamanan Sistem Informasi Berdasarkan Sni - Iso 27001 Pada Sistem Informasi Akademik Universitas Pembangunan Nasional ‘Veteran’ Jakarta,” Semin. Nas. Pengaplikasian Telemat. (SINAPTIKA 2020), no. Sinaptika, pp. 1–18, 2020.
Erfina, E. Utami, and A. Sunyoto, “Evaluasi Tingkat Kematangan Keamanan Informasi Pada Sistem Iinformasi Manajemen Universitas Cokroaminoto Palopo,” J. Ilm. d’Computare, vol. 8, p. 50, 2018.
I. Santosa and D. Kuswanto, “Analisa Manajemen Resiko Keamanan Informasi pada Kantor Pelayanan Pajak Pratama XYZ,” Rekayasa, vol. 9, no. 2, p. 108, 2016, doi: 10.21107/rekayasa.v9i2.3347.
M. Bakri and N. Irmayana, “Analisis Dan Penerapan Sistem Manajemen Keamanan Informasi Simhp Bpkp Menggunakan Standar Iso 27001,” J. Tekno Kompak, vol. 11, no. 2, p. 41, 2017, doi: 10.33365/jtk.v11i2.162.
M. Sidik, A. Iriani, and S. Yulianto, “Audit Manajemen Keamanan Teknologi Informasi Menggunakan Standar Iso 27001 : 2005 Di Perguruan Tinggi Xyz,” J. SITECH Sist. Inf. dan Teknol., vol. 1, no. 2, pp. 73–82, 2018, doi: 10.24176/sitech.v1i2.2564.
I. Riadi, “Analisis Keamanan Informasi Berdasarkan Kebutuhan Teknikal Dan Operasional Mengkombinasikan Standar ISO 27001 : 2005 Dengan Maturity Level ( Studi Kasus Kantor Biro Teknologi Informasi PT . XYZ ),” Semin. Nas. Teknol. Inf. Dan Multimed. 2016, vol. 4, no. 1, pp. 1–2, 2016.
H. Wahyudi, A. Zulianto, and A. Maulana, “AUDIT KEAMANAN SISTEM INFORMASI MANAJEMEN AKADEMIK DAN KEMAHASISWAAN MENGGUNAKAN SNI ISO/IEC 27001 : 2013 ( Studi Kasus STMIK Mardira Indonesia ),” J. Comput. Bisnis, vol. 14, no. 1, pp. 40–46, 2020.
S. A. Sholikhatin, A. Setyanto, and E. T. Luthfi, “Analisis Keamanan Sistem Informasi Dengan ISO 27001 (Studi Kasus: Sistem Informasi Akademik Universitas Muhammadiyah Purwokerto),” J. Ilm. IT CIDA, vol. 4, no. 1, pp. 1–9, 2019, doi: 10.55635/jic.v4i1.75.
P. Februari and F. Fitria, “Audit Sistem Keamanan Informasi Menggunakan ISO 27001 pada SMKN 1 Pugung, Lampung,” POSITIF J. Sist. dan Teknol. Inf., vol. 5, no. 2, p. 97, 2019, doi: 10.31961/positif.v5i2.833.
A. N. R. Fitroh, Muhamad Rizaldi Seputra, Ginanjar Ramadhan, Tania Nur Hafizah Hersyaf, “Pentingnya Implementasi Iso 27001 Dalam Manajemen Keamanan : Sistematika Review,” Semin. Nas. Sains dan Teknol. 2017, no. November, pp. 1–2, 2017.
S. Rif and R. Bisma, “Pembuatan Standard Operating Procedure ( SOP ) Keamanan Informasi Berdasarkan Framework ISO / IEC 27001 : 2013 dan ISO / IEC 27002 : 2013 pada Dinas Komunikasi dan Informatika Pemerintah Kota Madiun,” JEISBI Vol. 01 Nomor 01, 2020 (Journal Emerg. Inf. Syst. Bus. Intell. Pembuatan, vol. 01, pp. 43–50, 2020.
I. Yustiana, “Perancangan Tata Kelola Keamanan Informasi Menggunakan Kerangka Kerja Cobit 5,” pp. 1–9, 2017.
Suharjanti, “Prosiding Seminar Nasional Aplikasi Sains & Teknologi (SNAST) 2014 Yogyakarta, 15 November 2014 ISSN: 1979-911X,” Snast, no. November, pp. 211–216, 2014.
T. Ramdhany and M. Asikin, “Audit Sistem Informasi Aplikasi Starclick Menggunakan Framework Cobit 4.1 Domain Deliver and Support Di Pt. Telekomunikasi Regional Iii Jawa Barat,” J. Komput. Bisnis, vol. 11, no. 1, pp. 33–39, 2018.
S. T. Yuwono, N. Pratama, and V. Afifah, “Re-Assessment Konsistensi Dokumen Kontrol Sertifikasi ISO 27001: 2013 (ISMS) di Bagian Komunikasi Satelit Monitoring PT. Bank BRI, TBK,” Ikra-Ith Inform. …, vol. 6, no. 2, pp. 21–28, 2022, [Online]. Available: https://journals.upi-yai.ac.id/index.php/ikraith-informatika/article/download/1570/1285.
F. Ainun Nafisah, W. Hayuhardhikai Nugrahai Putra, and H. Admajai Dwi, “Evaluasi Keamanan Informasi Data Center Berdasarkan Standar ISO 27001:2013 (Studi Kasus PT. Pupuk Kalimantan Timur),” vol. 4, no. 6, pp. 1858–1865, 2020, [Online]. Available: http://j-ptiik.ub.ac.id.
D. Rahmat, “Perancangan Sistem Manajemen Keamanan Informasi Menggunakan Standar Sni Iso / Iec 27001 : 2013,” J. Inform. – Comput. Vol. 06 Nomor 02, Desember 2019 37-41 ISSN 2656 – 3861, vol. 06, pp. 37–41, 2019.
Bila bermanfaat silahkan share artikel ini
Berikan Komentar Anda terhadap artikel Analisis Tingkat Kematangan (Maturity Level) Dan PDCA (Plan-Do-Check-Act) Dalam Penerapan Audit Sistem Manajemen Keamanan Informasi Pada PT Indonesia Game Menggunakan Metode ISO 27001:2013
Pages: 632-640
Copyright (c) 2023 Eri Riana, Meiva Eka Sri Sulistyawati, Octa Pratama Putra
This work is licensed under a Creative Commons Attribution 4.0 International License.
Authors who publish with this journal agree to the following terms:
- Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under Creative Commons Attribution 4.0 International License that allows others to share the work with an acknowledgment of the work's authorship and initial publication in this journal.
- Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgment of its initial publication in this journal.
- Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (Refer to The Effect of Open Access).
