Penyusunan Manajemen Risiko Keamanan Informasi IT Telkom Purwokerto Dengan Standar ISO 27001
Total View This Week0
Total View This Week0
Institusion
Institut Teknologi Telkom Purwokerto
Author
Moniq, Kartika Sari
Subject
T Technology (General)
Datestamp
2022-07-27 01:59:35
Abstract :
Information security risk management planning is very important to measure the level of organizational readiness in dealing with threats that may occur. Information security risk management planning at the IT Telkom Purwokerto (ITTP) Campus is also very important, because it is to determine the security of data or information on the campus. The purpose of this study is to design information security risk management in ITTP in accordance with ISO 27001. In relation to ITTP SMKI does not yet have a reference for Information Security. So it is necessary to prepare an ISMS for ITTP. In compiling the ISMS at ITTP the method used is the Information Security Index (KAMI) which is in accordance with the ISO 27001 standard which is one of the ISMS for organizations or companies. These standards will help maintain and build the ISMS of an organization or company. The use of ISMS is to maintain confidentiality, integrity, availability of information, control and manage information security risks. The data collection method used in this study is a qualitative method by conducting interviews with the related units. The results of this study are several assets that have a high level of risk, namely hardware assets including Servers and Routers, software assets including Elerning Applications, E-Learning backup servers, eLearning Databases, Igracias Development and ITTP Suket. Mitigation is needed for assets that have a high level of risk, namely the server requires CCTV in every room and also a light fire extinguisher (APAR). Routers require regular monitoring. Learning Application assets (LMS) require regular data backups. Elearning backup server assets require server storage space, Non Disclosure Agreement (NDA) documents and antivirus. The e-learning and Igracias development database assets require an antivirus. Suket ITTP assets require antivirus, information security policies, NDA documents and regular data backups. Key word : Information Security (KAMI), Risk Profile, ISO 27001
Information security risk management planning is very important to measure the level of organizational readiness in dealing with threats that may occur. Information security risk management planning at the IT Telkom Purwokerto (ITTP) Campus is also very important, because it is to determine the security of data or information on the campus. The purpose of this study is to design information security risk management in ITTP in accordance with ISO 27001. In relation to ITTP SMKI does not yet have a reference for Information Security. So it is necessary to prepare an ISMS for ITTP. In compiling the ISMS at ITTP the method used is the Information Security Index (KAMI) which is in accordance with the ISO 27001 standard which is one of the ISMS for organizations or companies. These standards will help maintain and build the ISMS of an organization or company. The use of ISMS is to maintain confidentiality, integrity, availability of information, control and manage information security risks. The data collection method used in this study is a qualitative method by conducting interviews with the related units. The results of this study are several assets that have a high level of risk, namely hardware assets including Servers and Routers, software assets including Elerning Applications, E-Learning backup servers, eLearning Databases, Igracias Development and ITTP Suket. Mitigation is needed for assets that have a high level of risk, namely the server requires CCTV in every room and also a light fire extinguisher (APAR). Routers require regular monitoring. Learning Application assets (LMS) require regular data backups. Elearning backup server assets require server storage space, Non Disclosure Agreement (NDA) documents and antivirus. The e-learning and Igracias development database assets require an antivirus. Suket ITTP assets require antivirus, information security policies, NDA documents and regular data backups. Key word : Information Security (KAMI), Risk Profile, ISO 27001
Download
book
BibTex
Latex, Jabref
cloud_download
Original Resource
url resource Institution
