INFORMATION SYSTEM SECURITY AUDIT USING ISO/IEC 27002:2013 AT UNIVERSITY OF XXX

  • Rusmala Santi Information Systems, Faculty of Science and Technology, Universitas Negeri Islam Raden Fatah, Indonesia
  • Aminullah Imal Alfresi Information Systems, Faculty of Science and Technology, Universitas Negeri Islam Raden Fatah, Indonesia
  • Betha Octariana Information Systems, Faculty of Science and Technology, Universitas Negeri Islam Raden Fatah, Indonesia
DOI: https://doi.org/10.52436/1.jutif.2023.4.4.689
Keywords: Information System Security, ISO/IEC 27002:2013

Abstract

Information system security audit to find out how the current information system security process is implemented, whether it has been implemented in accordance with information security management system standards. The purpose of this study is to examine the suitability of the current information system security process with the ISO/IEC 27002:2013 security standard and to assess the level of capability and maturity of information system security at university of XXX. This audit research resulted in the finding that the information system security process at university of XXX is currently not in accordance with the ISO/IEC 27002:2013 security standard and is at level 2 (managed) with a capability level value of 1,96 and a maturity level of 2,34.

Downloads

Download data is not yet available.

References

E. Zuraidah, “Modul Audit Sistem Informasi Dan Tata Kelola,” Makasar: Nusa Mandiri, 2019, pp. 1–95.

F. Anggraini, Audit Teknologi Sistem Intalasi Pengolahan Lumpur Tinja (IPTLT), 1st ed. Bandung: Kiblat Buku Utama, 2016.

Y. Fiscal, “Pengaruh Pengalaman Kerja Dan Kompetensi Auditor Terhadap Kualitas Hasil Pemeriksaan (Studi Kasus pada Kantor BPKP Bandar Lampung),” J. Akunt. dan Keuang., vol. 3, no. 1, 2012, doi: 10.36448/jak.v3i1.220.

N. Ibrachim et al., Bakuan Audit Keamanan Informasi Kemenpora. Jakarta: Kementerian Pemuda dan Olahraga Republik Indonesia, 2012.

M. Rizal, “Framework Audit IT,” Karawang, 2016.

S. Kantun, “Penelitian Evaluatif Sebagai Satu Model Penelitian Dalam Bidang Pendidikan,” Maj. Ilm. Din., vol. 37, no. 1, p. 15.

D. Wirawan, Evaluasi (Teori, Model, Metodologi, Standar, Aplikasi, dan Profesi), 3rd ed. Jakarta: Raja Grafindo Persada, 2016.

J. A. H. Hardani. Ustiawaty, Buku Metode Penelitian Kualitatif dan Kuantitatif, 1st ed., no. April. Yogyakarta: CV Pustaka Imu Group, 2017.

F. FISO 27001 Implementer, “Guideline for Roles & Responsibilities in Information Asset Management,” 2009.

Y. Yuliani, N. S. Lestari, R. S. Aisyah, K. M. Sofiani, and T. Alawiyah, “Pelaporan Hasil Audit Dan Tindak Lanjut Audit,” Tasikmalaya, 2020.

Undang-Undang RI, Undang-Undang Republik Indonesia. Indonesia, 2004, pp. 1–25.

Y. Rahayu, “Audit Keamanan Informasi Simak Online Universitas Indo Global Mandiri Palembang Berdasarkan Standar ISO/IEC 27001:2005,” 2018.

Badan Standar Internasional, Internasional Standard ISO / IEC 27002:2005, vol. 2005. 2005.

Bandar Standar Nasional, Internasional Standard ISO / IEC 27002:2013, Kedua., vol. 2013. 2013.

A. Mewengkang, “Pemanfaatan Capability Maturity Model Integration Untuk Meningkatkan Kualitas Perangkat Lunak ( Studi Kasus : Sistem Informasi Akademik Universitas Negeri Manado ),” Eng. Educ., vol. 7, no. 1, p. 6, 2019.

Software Engineering Institute, CMMI For Development Version 1.3, 1.3., no. November. 2010.

Published
2023-08-18
How to Cite
[1]
R. Santi, A. I. Alfresi, and B. Octariana, “INFORMATION SYSTEM SECURITY AUDIT USING ISO/IEC 27002:2013 AT UNIVERSITY OF XXX ”, J. Tek. Inform. (JUTIF), vol. 4, no. 4, pp. 733-750, Aug. 2023.
Issue
Vol. 4 No. 4 (2023): JUTIF Volume 4, Number 4, August 2023
Section
Articles

Copyright (c) 2023 Betha Octariana Betha, Rusmala Santi Rusmala, Aminullah Imal Alfresi Aminullah

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.