INFORMATION SYSTEM SECURITY EVALUATION USING COBIT 5 FRAMEWORK

Lilis Griffith Toyner; Sfenrianto Sfenrianto

doi:10.24076/joism.2023v4i2.992

Authors

Lilis Griffith Toyner Universitas Bina Nusantara
Sfenrianto Sfenrianto Universitas Bina Nusantara

DOI:

https://doi.org/10.24076/joism.2023v4i2.992

Keywords:

Evaluasi, COBIT 5, Kelola Layanan Keamanan, Tingkat Kapabilitas

Abstract

Most companies use information technology to develop their business. But there are things to note, some threats can occur and cause losses. Undesirable events hinder the achievement of company goals and strategies. PT XYZ believes that information security is important in all business activities. Threats that can compromise information security. Information is an important asset for PT XYZ. Therefore, it is necessary to evaluate or measure the controls and activities that have been implemented to protect company data/information. Evaluation in this paper uses the COBIT 5 Framework which focuses on Manage Security Services (DSS05).

Keywords:

Evaluation, COBIT 5, Manage Security Services, Capability Level

Downloads

Download data is not yet available.

References

Laudon, K., & Laudon, J. Management Information Systems Managing the Digital Firm: Thirteenth Edition. Edinburgh: Pearson Education: 2014.

Setiyowati and Sri Siswanti. Penilaian Kematangan Proses Keamanan Sistem Informasi Pendaftaran Pasien Menggunakan Framework Cobit 4.1. SATIN - Sains dan Teknologi Informasi, 2021.

Resmiaty, Tetty. Aplikasi Sistem Informasi Dan Manajemen Laboratorium. Edisi ke-1. Jakarta. Indo.Kemkes.BPPSDM ; 2013.

Hutari Maulida Kurnia1, Rahmi Nur Shofa2, Rianto3, “Jurnal Sistem Informasi Dan Tenologi”. 2018. Sitech Vol 1, No: 1–6.

Selig J., "Implementing Effective IT Governance and IT Management,” Amersfoort: Van Haren Publishing, 2015.

Susilo Y, Wijayanti E, Santoso S. PENERAPAN TEKNOLOGI DIGITAL PADA EKONOMI KREATIF PADA BISNIS MINUMAN BOBA. JEMSI [Internet]. 2021Mar.11 [cited 2022Oct.25];2(4):457-68. Available from:https://dinastirev.org/JEMSI/article/view/383

Meilita Karenda Putri, Hakim AR. Perancangan Manajemen Risiko Keamanan Informasi Layanan Jaringan MKP Berdasarkan Kerangka Kerja ISO/IEC 27005:2018 dan NIST SP 800-30 Revisi 1. IK [Internet]. 2021 Nov. 17 [cited 2022 Oct. 25];15(3):134-41. Available from:https://infokripto.poltekssn.ac.id/index.php/infokripto/article/view/34

Yi Wang, Si Shi, Saggi Nevo, Shaorui Li, and Yang Chen,” The interaction effect of IT assets and IT management on firmperformance: A systems perspective,” International Journal of Information Management, pp. 580-593, 2015.

Magdalena G. International Conference on Entrepreneurship (IConEnt-2016). How Innovation could Improve the Performance and Productivity in Entrepreneurship?”. Tanggerang: Business School Universitas Pelita Harapan; 2016.

https://tekno.kompas.com/read/2021/12/21/06540017/8-kasus-peretasan-yang-terjadi-di-indonesia-sepanjang-2021?page=all.

https://tekno.kompas.com/read/2022/09/07/16150067/apa-itu-breached-forums-yang-terlibat-4-kasus-kebocoran-data-di-indonesia?page=all

Ichwani, A. dan Farida. A.D. “Pengukuran Tingkat Kapabilitas Manajemen Risiko Sistem Informasi Koperasi Syariah Menggunakan Framework Cobit 5.” Jurnal Komputasi 8 (1): 1–14. 2020.https://doi.org/10.23960/komputasi.v8i1.2528.

https://www.kominfo.go.id/content/detail/8621/indonesia-sudah-miliki-aturan-soal-perlindungan-data-pribadi/0/sorotan_media

Kaplan, R.S. and David P. Norton, “The Balanced Scorecard: Measures that Drive Performance”, Harvard Business Review, Massachusetts, 1992.

Kim, S and Park, H. 2013. “Effects of various characteristics of social commerce (s-commerce) on consumers trust and trust performance”. International Journal of Information Management. Vol. 33, pp.318–332

DHS, “Cyber resilience review,” Department Homeland University, Carnegie Mellon University, 2011.

NCC, I. , Governance-Developing a successful governance strategy: A Best Practice Guide for decision makers in IT, John Wiley & Sons, Incorporated, 2005.

Jurnal, H., Ali, R. M., & Agushinta, D, Jurnal Manajemen Informatika Evaluasi Tata Kelola Teknologi Informasi Pada Sistem Informasi Akademik Fakultas Teknik Universitas Khairun Ternate Menggunakan Framework COBIT 5, JUTEKINVol, 6(2), 2019.

Swastika, I. P. A., Kom, M., & Putra, I. G. L. A. R, Audit Sistem Informasi dan Tata Kelola Teknologi Informasi: Implementasi dan Studi Kasus, Penerbit Andi, (2016).

Kusuma, Ricky Perdana, “Audit Teknologi Informasi Menggunakan Framework Cobit 5 Pada Domain Dss (Deliver,Service, and Support) (Studi Kasus : Konsultan Manajemen Pusat),” Jurnal Digit 9 (1): 97, https://doi.org/10.51920/jd.v9i1.137, 2020.

Whitman, M.E., & Mattord, H.J, “Management of Information Security”, Third Edition, Boston: Course Technology, 2010.

Rosmiati, Riadi, I., Prayudi, Y., 2016. “A Maturity level framework for the measurement of information security performance”, International Journal of Computer Applications, 141(8), 975–8887., 2016.

ISACA, “COBIT 5.0: A Business Framework for the Governance and Management of Enterprise IT”, USA: ISACA,2012

ISACA. Self-assessment Guide: Using COBIT 5. Rolling Meadows: ISACA. 2013a.

Stoneburner, G., Goguen, A. & Feringa, A., Risk Management Guide for Information Technology Systems. Gaithersburg: NIST Special Publication 800-30. 2002.