Audit Keamanan Sistem Informasi Puskesmas Dengan Standar ISO/IEC 27001:2013 Dan Framework COBIT 5
DOI:
https://doi.org/10.25134/ilkom.v18i1.56Abstract
One of the problems of a company is the security of information systems. High security is needed to maintain the confidentiality and misuse of information within the organization. To improve the security of business operations and the quality of information technology resources, it is necessary to evaluate the security of existing information technology assets. Just like one of the systems at PT Infokes Indonesia, namely the Health Center Information System, this is a multi-functional application based on a web base so that it can be used by more than one user at the same time as patient recording is done electronically. The purpose of this study was to conduct a security audit of the Health Center Information System at PT. Infokes Indonesia uses ISO/IEC 27001:2013 and the COBIT 5 framework to document audit findings of information system audits at PT. Infokes Indonesia to make an audit report. Based on the results of research that has been conducted through interviews and questionnaires using the COBIT 5 framework and using the APO13 sub domain, the results show that Existing Capability is at level 1 while the expected Capability Level is at level 3 so that the Capability Gap is 2.
Downloads
References
Ade Dwi Andayani, Obrina Candra Briliyant. 2021. Penilaian Kapabilitas Tata Kelola Keamanan Teknologi Informasi dan Rekomendasi Perbaikan Menggunakan COBIT 5. Politeknik Siber dan Sandi Negara.
Boying Panjaitan, Lukman Abdurrahman, Rahmat Mulyana, 2021, Pengembangan Implementasi Sistem Manajemen Keamanan Informasi Berbasis Iso 27001:2013 Menggunakan Kontrol Annex : Studi Kasus Data Center PT. XYZ; Telkom University.
Darma Yanto Putra, Theresia Wati ,I Wayan Widi P, 2020, Audit Keamanan Sistem Informasi Berdasarkan Sni - Iso 27001 Pada Sistem Informasi Akademik Universitas Pembangunan Nasional “Veteran” Jakarta; Fakultas Ilmu Komputer Universitas Pembangunan Nasional Veteran Jakarta.
Darmawansyah iwan, & Sismiati. (2021). Pengembangan Dan Perancangan Perjalanan Pelanggan Dan Sistem Informasi Penjualan Pada Coffee Shop Frekuensi Kopi..
Direktorat Keamanan Informasi. 2017. Panduan Penerapan Sistem Manajemen Keamanan Informasi Berbasis Indeks Keamanan Informasi (Indeks KAMI). Jakarta: Penerbit Kementerian Komunikasi dan Informatika.
ISACA. 2012. COBIT 5 A Business Framework for the Governance and Management of Enterprise IT. USA: IT Governance Institute..
ISACA. 2012. COBIT 5 Enabling Processes. USA: IT Governance Institute.
ISACA. 2012. COBIT 5 Implementation. USA: IT Governance Institute.
ISACA. 2012. COBIT 5 Process Assessment Model. USA: IT Governance Institute.
ISACA, 2016. A Historical Timeline The COBIT® Framework. USA: IT Governance Institute.
ISO, “International Standard ISO/IEC 27001 Information Technology - Security Techniques - Information Security Management Systems -Requirements,” IEC, vol. 27001, no. 27001, 2005.
ISO, “International Standard ISO/IEC 27001 Information Technology - Security Techniques - Information Security Management Systems - Requirements,” IEC, vol. 27001, no. 27001, 2013.
ISO, “International Standard ISO/IEC 27002 Information technology - Security techniques — Code of practice for information security controls,” IEC, vol. 27002, no. 27002, 2013.
ISO, “International Standard ISO/IEC 27005 Information Technology - Security techniques – Information security risk Management,” vol. 27005, 2008..
Kementerian Komunikasi dan Informatika Republik Indonesia. 2016. Peraturan Menteri Komunikasi dan Informatika Republik Indonesia No. 4 Tahun 2016: Sistem Manajemen Pengamanan Informasi.
Mohamad Mirza Maulana. (2019), Audit Keamanan Sistem Informasi Pada Dinas Komunikasi Dan Informatika Kabupaten Bogor Menggunakan Standar ISO/IEC 27001:2013 dan Cobit 5; UIN JAKARTA.
McLeod, Raymond & Schell, Jr. George. (2008). Sistem Informasi Manajemen, Edisi 10. Terjemahan oleh Hendra Teguh. Klaten: PT. Intan Sejati Klaten..
Muhammad Nawir, Irfan AP dan Farid Wajidi. 2022. Integrasi Framework ISO 27001 Dan Cobit 2019 Pada Keamanan Informasi Smart Tourism Pt. YOY Manajemen Internasional. Universitas Sulawesi Barat.
Putra Pamungkas Sukmana, Titan Parama Yoga, Chairul Habibi. (2023). Audit Manajemen Risiko Sistem Informasi pada Website Digo.id dengan Framework COBIT 5 dan ISO 31000. Jurnal Accounting Information System (AIMS). Vol. 6 No. 2 (2023). Accounting Information Systems Study Program, Ma'soem University, Bandung
Suci Fitriani Setiawan, Titan Parama Yoga, Budiman Budiman. (2023). Information System Security Audit SIMKA(Sistem Informasi Kearsipan) at Badan Pendapatan Daerah Jawa Barat Kota Bandung III Using COBIT 5 Framework and Standard IS0/IEC 27002. International Journal of Quantitative Research and Moadeling (IJQRM), Vol 4, No 3 (2023). Copyright (c) 2023 International Journal of Quantitative Research and Modeling
Titan Parama Yoga , R. Yadi Rakhman Alamsyah, Silca Silkillah Adwa, (2023). Audit Keamanan Sistem Informasi Menggunakan Cobit 5 di PT. Paramita Surya Makmur Plastika. Jurnal Accounting Information System (AIMS).VOL. 6 NO. 1 (2023). Accounting Information Systems Study Program, Ma'soem University, Bandung.
Wibowo, Aldi S. et al. 2016. Kombinasi Framework COBIT 5, ITIL dan ISO/IEC 27002 Untuk Membangun Model Tata Kelola Teknologi Informasi Di Perguruan Tinggi. Seminar Nasional Teknologi Informasi dan Komunikasi 2016, pp. 122-128.
Downloads
Published
How to Cite
Issue
Section
License
Copyright (c) 2024 Nuansa Informatika
This work is licensed under a Creative Commons Attribution 4.0 International License.