The Model Of Quantifying Information Security With Cobit 5 Matrix In Indonesia Higher Education
Abstract
Currently in the era of Industry 4.0, information security and cyber security becomes very important for all areas of government, private and education. The information produced by each party shall be maintained from the disturbance of various things, both natural disturbances and human disturbances. This paper examines more deeply about the quantification of information security with COBIT 5 Information Security approach and information security calculation matrix of each criterion especially in Higher Education only, since it has not been done by educational practitioners and all academicians to maintain and secure information resulting from. The outcome of this research is the degree of inventory criteria of information security function that is the current, expected and maximum degree. Object of in-depth research on campus Perbanas Insititut with degree "0" ie there is no Director of Information Security, Assessment of threats and vulnerabilities, Vulnerability management and incident response, including Business continuity and disaster recovery. For the distribution of questionnaires of respondents good results above 60% are Q1, Q2, Q5, Q7, Q11, Q13, Q23, Q25 and Q27, details can be seen in the study outcome table. Furthermore, this study produces an information security matrix for the 14 prescribed aspects of the COBIT 5 information security security risk. The information security posture will produce good information when the security matrix indicator is over 2 to 5, ie 2 (managed), 3 (established), 4 (predictable) and 5 (optimized). The average Higher Education in Indonesia is still in the COBIT 5 information security matrix below 2.
Keywords
Full Text:
PDFReferences
Andrei Ioan Hohan, Marieta Olaru, Ionela Carmen Pirnea. (2015), Assessment and continuous improvement of information security based on TQM and business excellence principles, Emerging Markets Queries in Finance and Business, Procedia Economics and Finance 32 (2015) 352 – 359
Braeuer J., Ploesch R., Saft M. (2017) Measuring Maintainability of OO-Software - Validating the IT-CISQ Quality Model. In: Janech J., Kostolny J., Gratkowski T. (eds) Proceedings of the 2015 Federated Conference on Software Development and Object Technologies. SDOT 2015. Advances in Intelligent Systems and Computing, vol 511. Springer, Cham
Ciptaningrum, D., Nugroho, E., & Adhipta, D. (2015). Audit Keamanan Sistem Informasi Pada Kantor Pemerintah Kota Yogyakarta Menggunakan Cobit 5. Sentika, 2015(Sentika), Seminar Nasional Teknologi Informasi dan Komunikasi 2015 (SENTIKA 2015), ISSN: 2089-9815, pp. 65-74.
Fitrianah, D., & Sucahyo, Y. G. (2013). Audit Sistem Informasi/Teknologi Informasi dengan Kerangka Kerja COBIT untuk Evaluasi Manajemen Teknologi Informasi di Universitas XYZ. Journal of Chemical Information and Modeling, 53(9), 1689–1699. https://doi.org/10.1017/CBO9781107415324.004
Hanim Maria Astuti, Feby Artwodini Muqtadiroh, Eko Wahyu Tyas Darmaningrat, Chitra Utami Putri. (2017), Risks Assessment of Information Technology Processes Based on COBIT 5 Framework: A Case Study of ITS Service Desk, 4th Information Systems International Conference 2017, ISICO 2017, 6-8 November 2017, Bali, Indonesia, Procedia Computer Science 124 (2017) 569–576.
I. G. So et al., "Action Design of Information Systems Security Governance for Bank Using COBIT 4.1 and Control Standard of ISO 27001", Advanced Materials Research, Vol. 905, pp. 663-668, 2014
Knut Haufe, Ricardo Colomo-Palacios, Srdan Dzombeta, Knud Brandis,Vladimir Stantchev. (2016). ISMS core processes: A study, Conference on ENTERprise Information Systems / International Conference on Project MANagement / Conference on Health and Social Care Information Systems and Technologies, CENTERIS / ProjMAN / HCist 2016, October 5-7, 2016, Procedia Computer Science 100 (2016) 339 – 346
Knut Haufe, Ricardo Colomo-Palacios, Srdan Dzombeta, Knud Brandis,Vladimir Stantchev. (2016), Security Management Standards: A Mapping, Conference on ENTERprise Information Systems / International Conference on Project MANagement / Conference on Health and Social Care Information Systems and Technologies, CENTERIS / ProjMAN / HCist 2016, October 5-7, 2016, Procedia Computer Science 100 (2016) 755 – 761.
DOI: http://dx.doi.org/10.52155/ijpsat.v10.1.541
Refbacks
- There are currently no refbacks.
Copyright (c) 2018 IGN MANTRA
This work is licensed under a Creative Commons Attribution 4.0 International License.