Audit Keamanan Sistem Informasi Pada Data Center Menggunakan Standar SNI-ISO 27001

S Syafrinal, A Agusrijar

Abstract


Information system security management is very important for Aceh Government institutions in managing information assets that refer to a standard. This will have a negative impact on the sustainability of information services, especially e-mail services managed by the Aceh Communication, Information, and Encryption Service. So the need for good management governance according to national and international standards to create good management of electronic mail information system services by conducting an internal audit process on its management in terms of physical and environmental security where the electronic mail service information system is managed. This study discusses the "Information System Security Audit on Data Centers Using SNI-ISO 27001 Standards (Case Study: Aceh Government)". The results showed the need for data and documentation of the final evaluation of the maturity level of the audit process to reduce the risk of threats to the information system generated so that problems can be overcome by making efforts to minimize the possible risks that have been caused. The auditing stages have been carried out on the information system in the data center using the SNI-ISO 27001 standard resulting in a level of maturity still at the "repeatable but intuitive" level that still requires further supervision in the management of the security side.

Full Text:

PDF

References


Ahmad, A. (2012). Bakuan Audit Keamanan Informasi Kemenpora. Indonesia: Kementerian Pemuda dan Olahraga.

Arens, Alvin A. (2015). Auditing & jasa Assurance. Jakarta : Erlangga.

Chaudhary, M., & Chopra , A. (2016). CMMI for Development : Implementation Guide. Penerbit Apress.

Direktorat Keamanan Informasi. (2011). Panduan Penerapan Tata Kelola Keamanan Informasi Bagi Penyelenggara Pelayanan Publik. Jakarta: Kementrian Keamanan Informasi dan Informatika RI.

Direktorat Keamanan Informasi. (2017). Panduan Penerapan Sistem Manajemen Keamanan Informasi Berbasis Indeks Keamanan Informasi. Jakarta: Kementrian Komunikasi dan Informatika RI.

Digdo,G.P (2017). Panduan Audit Keamanan Komputer Bagi Pemula. Jakarta: Elekmedia Komputindo.

IBISA (2013). Physical Security, Mencegah Serangan Terhadap Pendukung Sistem Informasi. Yogyakarta:Andipublisher.

ISO/IEC 27001:2013 (E), (2013). Information technology – Security techniques – Information security management systems – Requirements. International Standart.

ISACA, IS Auditing Guidelines-Applications Systems Review-Document (2016). Information system Auditing: Tools and Techniques-Creating Audit Programs. USA, Inc. Information Systems Audit and Control Association.

Kadir, A. 2014. Pengenalan sistem informasi Edisi Revisi. Yogyakarta: Penerbit Andi.

Komalasari, R., & Perdana, I. (2014).Audit Keamanan Informasi Bagian Teknologi Informasi PT. PLN (Persero) DJBB Menggunakan SNI ISO/IEC 2007:2009. Jurnal Sistem Informasi, IX (2) 201 – 216.

Krismiaji, 2015. Sistem Informasi Akuntansi, Penerbit: Yogyakarta.

Mahdianta Pandia, 2013. Penerapan Keamanan Sistem Informasi Standar ISO 27001 Pada PT. BPR KARYA BHAKTI UGAHARI TANJONG MORAWA. Medan: Jurnal Ilmiah Ekonomi, Hukum, Pertanian, Peternakan, Kedokteran, Pendidikan, Komputer. Vol.4, No.1 .68-73.

Winarno, W.W. (2017). Sistem Informasi Manajemen.(Edisi ke-3).STIM YKPN.

Wikipedia bahasa indonesia. ”Pusat Data”, 27 Agustus 2018 https://id.wikipedia.org/wiki/Pusat_data.

Yulindra.(2014). Keamanan Sistem Informasi: STMIK ATMA LUHUR. Yogyakarta:Deepublish




DOI: http://dx.doi.org/10.30645/j-sakti.v4i2.250

Refbacks

  • There are currently no refbacks.


J-SAKTI (Jurnal Sains Komputer & Informatika)
Published Papers Indexed/Abstracted By:

Jumlah Kunjungan :

View My Stats