Information Security Evaluation Using Case Study Information Security Index on Licensing Portal Applications

  • Widiastuti Kusumo Wardhani Bina Nusantara University, Indonesia
  • Benfano Soewito Bina Nusantara University, Indonesia
  • Muhammad Zarlis Bina Nusantara University, Indonesia
DOI: 10.51519/journalisi.v5i4.563
Keywords: Information Security Index, KAMI, Information Security Assessment, Security of Information, ICT

Abstract

There's a lot of cyber attacks going on right now, so the Ministry of Public Works and People's Housing (PUPR) has to get serious about preventing them. One of the information system that contains critical public data need to be secured is Portal Perizinan. In order to maintain information security, an evaluation should be carried out to assess the level of readiness (comprehensiveness and consistency) of the implementation of information security based on the SNI ISO/IEC 27001:2013 criteria using the Information Security Index. (KAMI Index). The five areas assessed aim to determine the level of organization preparedness in the implementation of information security. Obtained a score of 31 for the level of organization dependence on electronic systems, with a high level of category. The presence of technology security is at level I through to level II and our index measures 351, which means that the level of maturity of the new ISMS is at the stage of Achievement of the Basic Framework. From the results of this case study it can be seen that the state of information security readiness in the Ministry of PUPR still needs to be improved to meet ISO 27001 standard.

Downloads

Download data is not yet available.

References

S. F. Rahayu et al., “Pengukuran Tingkat Keamanan Informasi Menggunakan Metode Indeks KAMI (Studi Kasus: Dinas Komunikasi Dan Informatika Kota Pontianak),” Coding J. Komput. dan Apl., vol. 09, no. 03, pp. 468–477, 2021.

M. Lenawati, W. W. Winarno, and A. Amborowati, “Tata Kelola Keamanan Informasi pada PDAM Menggunakan ISO/IEC 27001:2013 dan COBIT 5,” Sentra Penelit. Eng. dan Edukasi, vol. 9, no. 1, pp. 44–49, 2017.

P. Februari and F. Fitria, “Audit Sistem Keamanan Informasi Menggunakan ISO 27001 pada SMKN 1 Pugung, Lampung,” POSITIF J. Sist. dan Teknol. Inf., vol. 5, no. 2, p. 97, 2019, doi: 10.31961/positif.v5i2.833.

A. P. Putra and B. Soewito, “Integrated Methodology for Information Security Risk Management using ISO 27005:2018 and NIST SP 800-30 for Insurance Sector,” Int. J. Adv. Comput. Sci. Appl., vol. 14, no. 4, pp. 625–633, 2023, doi: 10.14569/IJACSA.2023.0140468.

M. Nawir, I. AP, and F. Wajidi, “Integration Of Framework Iso 27001 And Cobit 2019 In Smart Tourism Information Security PT. YoY International Management,” J. Komput. dan Inform., vol. 10, no. 2, pp. 122–128, 2022, doi: 10.35508/jicon.v10i2.7985.

T. S. Putri, N. Mutiah, and D. Prawira, “Analisis Manajemen Risiko Keamanan Informasi Menggunakan Nist Cybersecurity Framework dan ISO/IEC 27001:2013 (Studi Kasus: Badan Pusat Statistik Kalimantan Barat),” Coding J. Komput. dan Apl., vol. 10, no. 2, pp. 237–248, 2022.

S. Nurul, S. Anggrainy, and S. Aprelyani, “Faktor-Faktor Yang Mempengaruhi Keamanan Sistem Informasi : Keamanan Informasi , Teknologi Informasi Dan Network ( Literature Review Sim ),” J. Ekon. Manaj. Sist. Inf., vol. Vol. 3, no. No. 5, pp. 564–573, 2022.

A. Poeja Kehista et al., “Analisis Keamanan Data Pribadi pada Pengguna E-Commerce: Ancaman, Risiko, Strategi Kemanan (Literature Review),” Jimt, vol. 4, no. 5, pp. 625–632, 2023.

P. Sundari and W. Wella, “SNI ISO/IEC 27001 dan Indeks KAMI: Manajemen Risiko PUSDATIN (PUPR),” Ultim. InfoSys J. Ilmu Sist. Inf., vol. 12, no. 1, pp. 35–42, 2021, doi: 10.31937/si.v12i1.1701.

N. D. Ramadhani, W. H. N. Putra, and A. D. Herlambang, “Evaluasi Keamanan Informasi pada Dinas Komunikasi dan Informatika Kabupaten Malang menggunakan Indeks KAMI (Keamanan Informasi),” J. Pengemb. Teknol. Inf. dan Ilmu Komput., vol. 4, no. 5, pp. 1490–1498, 2020.

V. I. Sugara, H. Syahrial, and M. Syafrullah, “Sistem Pemeriksa Keamanan Informasi Menggunakan National Institute of Standards and Technology (Nist) Cybersecurity Framework,” Komputasi J. Ilm. Ilmu Komput. dan Mat., vol. 16, no. 1, pp. 203–212, 2019, doi: 10.33751/komputasi.v16i1.1591.

D. I. Khamil, “Evaluasi Tingkat Kesiapan Keamanan Informasi Menggunakan Indeks Kami 4.2 dan ISO/IEC 27001:2013 (Studi Kasus : Diskominfo Kabupaten Gianyar),” JATISI (Jurnal Tek. Inform. dan Sist. Informasi), vol. 9, no. 3, pp. 1948–1960, 2022, doi: 10.35957/jatisi.v9i3.2310.

T. E. Wijatmoko, “Evaluasi Keamanan Informasi Menggunakan Indeks Keamanan Informasi (Kami) Pada Kantor Wilayah Kementerian Hukum Dan Ham Diy,” Cyber Secur. dan Forensik Digit., vol. 3, no. 1, pp. 1–6, 2020, doi: 10.14421/csecurity.2020.3.1.1951.

I. Afrianto, T. Suryana, and S. Sufa’atin, “Pengukuran dan Evaluasi Keamanan Informasi Menggunakan Indeks KAMI - SNI ISO/IEC 27001:2009,” J. Ultim. InfoSys, vol. 6, no. 1, pp. 43–49, 2015, doi: 10.31937/si.v6i1.278.

M. Y. Putra and D. Tjahjadi, “Evaluasi Keamanan Informasi Pada Perguruan Tinggi Bina Insani Berdasarkan Indeks Keamanan Informasi SNI ISO/IEC 27001,” PIKSEL Penelit. Ilmu Komput. Sist. Embed. Log., vol. 6, no. 1, pp. 95–104, 2018, doi: 10.33558/piksel.v6i1.1404.

Published
2023-11-29
Abstract views: 1983 times
Download PDF: 1458 times
How to Cite
Wardhani, W., Soewito, B., & Zarlis, M. (2023). Information Security Evaluation Using Case Study Information Security Index on Licensing Portal Applications. Journal of Information Systems and Informatics, 5(4), 1204-1220. https://doi.org/10.51519/journalisi.v5i4.563
Issue
Vol 5 No 4 (2023): Journal of Information Systems and Informatics
Section
Articles

Copyright (c) 2023 Journal of Information Systems and Informatics

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.

  1. I certify that I have read, understand and agreed to the Journal of Information Systems and Informatics (Journal-ISI) submission guidelines, policies and submission declaration. Submission already using the provided template.
  2. I certify that all authors have approved the publication of this and there is no conflict of interest.
  3. I confirm that the manuscript is the authors' original work and the manuscript has not received prior publication and is not under consideration for publication elsewhere and has not been previously published.
  4. I confirm that all authors listed on the title page have contributed significantly to the work, have read the manuscript, attest to the validity and legitimacy of the data and its interpretation, and agree to its submission.
  5. I confirm that the paper now submitted is not copied or plagiarized version of some other published work.
  6. I declare that I shall not submit the paper for publication in any other Journal or Magazine till the decision is made by journal editors.
  7. If the paper is finally accepted by the journal for publication, I confirm that I will either publish the paper immediately or withdraw it according to withdrawal policies
  8. I Agree that the paper published by this journal, I transfer copyright or assign exclusive rights to the publisher (including commercial rights)