Information Security Assessment Using ISO/IEC 27001:2013 Standard on Government Institution

  • Akmal Zaifullah Maingak Faculty of Economics and Business, Universitas Telkom
  • Candiwan Candiwan Faculty of Economics and Business, Universitas Telkom
  • Listyo Dwi Harsono Faculty of Economics and Business, Universitas Telkom

Abstract

The purpose of this research is to determine the existing gap to achieve ISO/IEC 27001:2013 certification and determine the maturity level of the information system owned by X Government Institution. The information system of X Government Institution would be assessed based on 14 clauses contained in ISO/IEC 27001: 2013. The method used is qualitative method, data collection and data validation with triangulation technique (interview, observation, and documentation). Data analysis used gap analysis and to measure the maturity level of this research used CMMI (Capability Maturity Model for Integration). The result of the research showed that information security which had been applied by X Government Institution was at level 1 (Initial) which meant there was evidence that the institution was aware of problems that needed to be overcome, unstandardized process, and tended to handle the problem individually or by case.

Downloads

Download data is not yet available.
Published
Sep 17, 2018
How to Cite
MAINGAK, Akmal Zaifullah; CANDIWAN, Candiwan; HARSONO, Listyo Dwi. Information Security Assessment Using ISO/IEC 27001:2013 Standard on Government Institution. TRIKONOMIKA, [S.l.], v. 17, n. 1, p. 28-37, sep. 2018. ISSN 2355-7737. Available at: <http://journal.unpas.ac.id/index.php/trikonomika/article/view/1138>. Date accessed: 24 oct. 2018. doi: http://dx.doi.org/10.23969/trikonomika.v17i1.1138.
Section
Articles