Risk Assessment And Development Of Access Control Information Security Governance Based On ISO/IEC27001:2013 At XYZ University

Fitrani, Laqma Dica (2021) Risk Assessment And Development Of Access Control Information Security Governance Based On ISO/IEC27001:2013 At XYZ University. STMIK MDP, JATISI (Jurnal Teknik Informatika dan Sistem Informasi).

Preview

Text
Turnitin_Laqma Dica Fitrani.pdf
Download (3MB) | Preview

Preview

Text
Peer Review_Laqma Dica Fitrani.pdf
Download (1MB) | Preview

Official URL: https://jurnal.mdp.ac.id/index.php/jatisi/article/...

Abstract

The rapid development of information technology at this time also has an impact on the use of information technology in the university environment. XYZ University as a university that has quite a lot of students also applies information technology to support their distance learning. The role of information technology is quite crucial and important. Unfortunately, the issue of information security which is an important part of information technology often gets less attention. Its undeniable that the emergence of threats or weaknesses in information technology can disrupt the course of service activities using information technology. Therefore, it is necessary to manage information technology and risk-based document standard procedures as outlined in governance to manage emerging threats or weaknesses. ISO/IEC 27001:2013 is an framework of information security management system that can be used as a basis for managing information security. This study identifies assets, threats, weaknesses, risk analysis, BIA, risk assessment, and risk mapping based on clauses to produce recommendations for policy documents, procedures, and work instructions to improve information security control based on ISO 27001:2013 clauses. Considering its high risk value, this study produced several recommendations for security documents, namely 5 policy documents, 6 procedure guidelines, 8 work instructions, and 12 forms.

Item Type:	Other
Uncontrolled Keywords:	Access Control, ISO 27001:2013, Risk assessment
Subjects:	000 - COMPUTER SCIENCE, INFORMATION, GENERAL WORKS > 000 - 009 COMPUTER SCIENCE, INFORMATION, GENERAL WORKS > 000 - COMPUTER SCIENCE, INFORMATION, GENERAL WORKS
Divisions:	Lecturer
Depositing User:	LAQMA DICA FITRANI
Date Deposited:	03 Apr 2023 05:18
Last Modified:	03 Apr 2023 05:18
URI:	http://eprints.perbanas.ac.id/id/eprint/10288

Actions (login required)

View Item