Using the Information Security Index to Measure University Information Security Management : Concepts and Strategies

Authors

  • Luqman Hakim  Master of Informatics Engineering, University of Amikom Yogyakarta , Sleman, Yogyakarta, Indonesia
  • Avinanta Tarigan  Department of Computer Engineering, University of Gunadarma, Depok, West Java, Indonesia

Keywords:

Information Security Index, Concept of Information Security Index, Information Security Strategy

Abstract

An information security index is an evaluation tool for analyzing the degree of information security preparedness in government agencies. This evaluation tool is not intended to investigate the feasibility or effectiveness of existing forms of security, but rather as a tool to provide a picture of the readiness condition. This study aims to create a concept and evaluation strategy using information security index. The research method used is literature study and interview to generate a proper concept and strategy that matured. The result of this research is information security index will evaluate an organization based on six area that is: ICT Roles, Information Security Governance, Information Security Risk Management, Information Asset Management and Information Technology and Security. In an evaluation using information security index there are nine steps to be taken the first step is planning, second is literature study and interview then six evaluation steps based on the last area is the result of the evaluation, the Estimated time needed to do the assessment is thirteen weeks.

References

  1. Shirey, R. (2000). Internet Security Glossary: RFC Editor.
  2. Infosecurity. (2011). Elsevier Science Publishers B. V.
  3. Demopoulos, A. (2012 ). Why do many organizations lack adequate security? Retrieved from http://demop.com/articles/lack-adequate-security.html Davis, C., Schiller, M., & Wheeler, K. (2011). IT Auditing: Using Controls to Protect Information Assets (2 ed.). New York: McGraw Hill.
  4. Sarno, R., & Iffano, I. (2009). Sistem Manajemen Keamanan Informasi. Surabaya: ITS Press.
  5. ISO/IEC. (2005). Information Technology-Security Techniques-Code of Practice for Information Security Management ISO/IEC 17799 (27002):2005. Switzerland.
  6. Wiander, T. (2008). Implementing the ISO/IEC 17799 standard in practice: experiences on audit phases. Paper presented at the Proceedings of the sixth Australasian conference on Information security - Volume 81, Wollongong, NSW, Australia.
  7. Kemenkominfo. (2013). Indeks Keamanan Informasi ( KAMI ). Retrieved from https://kominfo.go.id/index.php/content/detail/3326/Indeks+Keamanan+Informasi+(KAMI)/0/kemanan_informasi
  8. Isaca. (2012). Cobit 5: ISA.
  9. Davis, C., Schiller, M., & Wheeler, K. (2011). IT Auditing: Using Controls to Protect Information Assets (2 ed.). New York: McGraw Hill.

International Journal of Scientific Research in Science and Technology

Downloads

Published

2018-04-30

Issue

Volume 4, Issue 5, March-April-2018

Section

Research Articles

License

Copyright (c) IJSRST

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.

How to Cite

[1]
Luqman Hakim, Avinanta Tarigan "Using the Information Security Index to Measure University Information Security Management : Concepts and Strategies" International Journal of Scientific Research in Science and Technology(IJSRST), Online ISSN : 2395-602X, Print ISSN : 2395-6011,Volume 4, Issue 5, pp.1623-1635, March-April-2018.