Audit Keamanan Sistem Informasi Puskesmas Dengan Standar ISO/IEC 27001:2013 Dan Framework COBIT 5

NUANSA INFORMATIKA Pub Date : 2024-01-26 DOI:10.25134/ilkom.v18i1.56

Titan Parama Yoga, V. Maharani, Naufal Dwi Maulana

{"title":"Audit Keamanan Sistem Informasi Puskesmas Dengan Standar ISO/IEC 27001:2013 Dan Framework COBIT 5","authors":"Titan Parama Yoga, V. Maharani, Naufal Dwi Maulana","doi":"10.25134/ilkom.v18i1.56","DOIUrl":null,"url":null,"abstract":"One of the problems of a company is the security of information systems. High security is needed to maintain the confidentiality and misuse of information within the organization. To improve the security of business operations and the quality of information technology resources, it is necessary to evaluate the security of existing information technology assets. Just like one of the systems at PT Infokes Indonesia, namely the Health Center Information System, this is a multi-functional application based on a web base so that it can be used by more than one user at the same time as patient recording is done electronically. The purpose of this study was to conduct a security audit of the Health Center Information System at PT. Infokes Indonesia uses ISO/IEC 27001:2013 and the COBIT 5 framework to document audit findings of information system audits at PT. Infokes Indonesia to make an audit report. Based on the results of research that has been conducted through interviews and questionnaires using the COBIT 5 framework and using the APO13 sub domain, the results show that Existing Capability is at level 1 while the expected Capability Level is at level 3 so that the Capability Gap is 2.","PeriodicalId":214195,"journal":{"name":"NUANSA INFORMATIKA","volume":"21 4","pages":""},"PeriodicalIF":0.0000,"publicationDate":"2024-01-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"NUANSA INFORMATIKA","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.25134/ilkom.v18i1.56","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

Abstract

One of the problems of a company is the security of information systems. High security is needed to maintain the confidentiality and misuse of information within the organization. To improve the security of business operations and the quality of information technology resources, it is necessary to evaluate the security of existing information technology assets. Just like one of the systems at PT Infokes Indonesia, namely the Health Center Information System, this is a multi-functional application based on a web base so that it can be used by more than one user at the same time as patient recording is done electronically. The purpose of this study was to conduct a security audit of the Health Center Information System at PT. Infokes Indonesia uses ISO/IEC 27001:2013 and the COBIT 5 framework to document audit findings of information system audits at PT. Infokes Indonesia to make an audit report. Based on the results of research that has been conducted through interviews and questionnaires using the COBIT 5 framework and using the APO13 sub domain, the results show that Existing Capability is at level 1 while the expected Capability Level is at level 3 so that the Capability Gap is 2.

查看原文本刊更多论文

根据 ISO/IEC 27001:2013 标准和 COBIT 5 框架对 Puskesmas 信息系统进行安全审计

公司的问题之一是信息系统的安全。需要高度的安全性来维护组织内部信息的保密性和滥用。为了提高业务运营的安全性和信息技术资源的质量，有必要对现有信息技术资产的安全性进行评估。就像印尼 PT Infokes 公司的一个系统，即保健中心信息系统一样，这是一个基于网络基础的多功能应用系统，可以同时供多个用户使用，因为病人记录是通过电子方式完成的。本研究的目的是对 PT.印尼 Infokes 公司使用 ISO/IEC 27001:2013 和 COBIT 5 框架来记录 PT.Infokes印尼公司的信息系统审计结果进行记录，形成审计报告。根据使用 COBIT 5 框架和 APO13 子领域通过访谈和问卷调查进行的研究结果，现有能力为 1 级，而预期能力水平为 3 级，因此能力差距为 2 级。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

NUANSA INFORMATIKA

自引率

0.00%

发文量