INFORMATION SYSTEM SECURITY AUDIT USING ISO/IEC 27002:2013 AT UNIVERSITY OF XXX
Abstract
Information system security audit to find out how the current information system security process is implemented, whether it has been implemented in accordance with information security management system standards. The purpose of this study is to examine the suitability of the current information system security process with the ISO/IEC 27002:2013 security standard and to assess the level of capability and maturity of information system security at university of XXX. This audit research resulted in the finding that the information system security process at university of XXX is currently not in accordance with the ISO/IEC 27002:2013 security standard and is at level 2 (managed) with a capability level value of 1,96 and a maturity level of 2,34.
Downloads
References
E. Zuraidah, “Modul Audit Sistem Informasi Dan Tata Kelola,” Makasar: Nusa Mandiri, 2019, pp. 1–95.
F. Anggraini, Audit Teknologi Sistem Intalasi Pengolahan Lumpur Tinja (IPTLT), 1st ed. Bandung: Kiblat Buku Utama, 2016.
Y. Fiscal, “Pengaruh Pengalaman Kerja Dan Kompetensi Auditor Terhadap Kualitas Hasil Pemeriksaan (Studi Kasus pada Kantor BPKP Bandar Lampung),” J. Akunt. dan Keuang., vol. 3, no. 1, 2012, doi: 10.36448/jak.v3i1.220.
N. Ibrachim et al., Bakuan Audit Keamanan Informasi Kemenpora. Jakarta: Kementerian Pemuda dan Olahraga Republik Indonesia, 2012.
M. Rizal, “Framework Audit IT,” Karawang, 2016.
S. Kantun, “Penelitian Evaluatif Sebagai Satu Model Penelitian Dalam Bidang Pendidikan,” Maj. Ilm. Din., vol. 37, no. 1, p. 15.
D. Wirawan, Evaluasi (Teori, Model, Metodologi, Standar, Aplikasi, dan Profesi), 3rd ed. Jakarta: Raja Grafindo Persada, 2016.
J. A. H. Hardani. Ustiawaty, Buku Metode Penelitian Kualitatif dan Kuantitatif, 1st ed., no. April. Yogyakarta: CV Pustaka Imu Group, 2017.
F. FISO 27001 Implementer, “Guideline for Roles & Responsibilities in Information Asset Management,” 2009.
Y. Yuliani, N. S. Lestari, R. S. Aisyah, K. M. Sofiani, and T. Alawiyah, “Pelaporan Hasil Audit Dan Tindak Lanjut Audit,” Tasikmalaya, 2020.
Undang-Undang RI, Undang-Undang Republik Indonesia. Indonesia, 2004, pp. 1–25.
Y. Rahayu, “Audit Keamanan Informasi Simak Online Universitas Indo Global Mandiri Palembang Berdasarkan Standar ISO/IEC 27001:2005,” 2018.
Badan Standar Internasional, Internasional Standard ISO / IEC 27002:2005, vol. 2005. 2005.
Bandar Standar Nasional, Internasional Standard ISO / IEC 27002:2013, Kedua., vol. 2013. 2013.
A. Mewengkang, “Pemanfaatan Capability Maturity Model Integration Untuk Meningkatkan Kualitas Perangkat Lunak ( Studi Kasus : Sistem Informasi Akademik Universitas Negeri Manado ),” Eng. Educ., vol. 7, no. 1, p. 6, 2019.
Software Engineering Institute, CMMI For Development Version 1.3, 1.3., no. November. 2010.
Copyright (c) 2023 Betha Octariana Betha, Rusmala Santi Rusmala, Aminullah Imal Alfresi Aminullah
This work is licensed under a Creative Commons Attribution 4.0 International License.