In the implementation of ICT an educational institution, a data center is an ICT facility which is used as a placement, storage, and data and information processing. The ICT facilities are very risky at main business process when unmanaged appropriately. ISO27001 is an information security management system standard that can be used as a reference in designing a management of ICT facilities. This paper describes the design of an information security management system in a data center of State Polytechnics of Lampung (Polinela). This study begins by studying general description of the organization; defining the scope of the evaluation, and designing the tools. Expert judgment evaluation results show that the control of the recommended risk control is appropriate and can be applied to the locus of research.Key words : ISMS, security, information, management
Copyrights © 2015