TEKNOLOGI: Jurnal Ilmiah Sistem Informasi
Vol 11, No 1 (2021): January

Analisis kesenjangan sistem manajemen keamanan informasi (SMKI) sebagai persiapan sertifikasi ISO/IEC 27001:2013 pada institusi pemerintah

Musyarofah, Sitta Rif’atul (Unknown)
Bisma, Rahadian (Unknown)



Article Info

Publish Date
23 Jan 2021

Abstract

The Madiun City Communication and Informatics Service (Diskominfo) is a government institution that has the responsibility for managing information and communication technology in the Madiun city government. As a government institution to serving and providing information to the public, Diskominfo Madiun City is vulnerable to information security threats that can hinder its performance. Information Security Management System ISO / IEC 2701: 2013 is a system that expected to be able to provide effectiveness and efficiency of information security management at Diskominfo Madiun city. This research aims to determine the current conditions and how the readiness of Diskominfo Madiun City to achieve ISO/IEC 27001:2013 certification. From the results of the gap analysis, it can be seen that the percentage of readiness of Diskominfo Madiun City is 71%, with a readiness range between 19% - 100%. The highest level of readiness is 100% on the requirements of clause 4 concerning the organizational context and clause 10 concerning improvements, where all information security requirements have been met. While the lowest readiness percentage is 19% which is shown in the requirements of clause 6 regarding planning. The gap analysis method is used to determine how far the ISO/IEC 27001:2013 requirements are fulfilled. The results of the gap analysis show the extent of the readiness of Diskominfo Madiun City to carry out ISO/IEC 27001:2013 certification. The results of the research indicate that Diskominfo Madiun City must improve its readiness for ISO/IEC 27001:2013 certification by fulfill the requirements of the required information security documents based on ISO/IEC 27001:2013 standards.

Copyrights © 2021






Journal Info

Abbrev

teknologi

Publisher

Subject

Computer Science & IT Decision Sciences, Operations Research & Management Electrical & Electronics Engineering Engineering Mathematics

Description

TEKNOLOGI: Jurnal Ilmiah Sistem Informasi published by the Department of Information Systems Unipdu Jombang. TEKNOLOGI published twice a year, in January and July, TEKNOLOGI includes research in the field of Information Technology Design and Development of Information Systems; Business intelligence; ...