运用ISO/IEC 27005: 2018加强信息安全管理(以国防部数据信息中心为例)

2020 12th International Conference on Information Technology and Electrical Engineering (ICITEE) Pub Date : 2020-10-06 DOI:10.1109/ICITEE49829.2020.9271748

Muhammad Fahrurozi, Soli Agrina Tarigan, Marah Alam Tanjung, K. Mutijarsa

{"title":"运用ISO/IEC 27005: 2018加强信息安全管理(以国防部数据信息中心为例)","authors":"Muhammad Fahrurozi, Soli Agrina Tarigan, Marah Alam Tanjung, K. Mutijarsa","doi":"10.1109/ICITEE49829.2020.9271748","DOIUrl":null,"url":null,"abstract":"The country's vital objects that provide data and information are vulnerable to threats. Information in the form of valuable assets needs to be protected from threats and vulnerabilities. Data and information must be guaranteed confidentiality, integrity, authenticity, and availability. Data and Information Center of Ministry of Defence, better known as Pusdatin Kemhan. Business processes owned by this organization are very complex. Pusdatin Kemhan requires strengthening in managing information security because the assets carried are important and high-value assets that are needed by leaders who assist in making decisions to support national defense and security. The implementation of information security and the existence of risk management are still not well managed. This study will provide an information security management design method based on risk management based on ISO / IEC 27005: 2018. The results of this study are the information security management policy at the Center for Data Processing and Information Technology.","PeriodicalId":245013,"journal":{"name":"2020 12th International Conference on Information Technology and Electrical Engineering (ICITEE)","volume":"44 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2020-10-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"6","resultStr":"{\"title\":\"The Use of ISO/IEC 27005: 2018 for Strengthening Information Security Management (A Case Study at Data and Information Center of Ministry of Defence)\",\"authors\":\"Muhammad Fahrurozi, Soli Agrina Tarigan, Marah Alam Tanjung, K. Mutijarsa\",\"doi\":\"10.1109/ICITEE49829.2020.9271748\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The country's vital objects that provide data and information are vulnerable to threats. Information in the form of valuable assets needs to be protected from threats and vulnerabilities. Data and information must be guaranteed confidentiality, integrity, authenticity, and availability. Data and Information Center of Ministry of Defence, better known as Pusdatin Kemhan. Business processes owned by this organization are very complex. Pusdatin Kemhan requires strengthening in managing information security because the assets carried are important and high-value assets that are needed by leaders who assist in making decisions to support national defense and security. The implementation of information security and the existence of risk management are still not well managed. This study will provide an information security management design method based on risk management based on ISO / IEC 27005: 2018. The results of this study are the information security management policy at the Center for Data Processing and Information Technology.\",\"PeriodicalId\":245013,\"journal\":{\"name\":\"2020 12th International Conference on Information Technology and Electrical Engineering (ICITEE)\",\"volume\":\"44 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2020-10-06\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"6\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2020 12th International Conference on Information Technology and Electrical Engineering (ICITEE)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICITEE49829.2020.9271748\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2020 12th International Conference on Information Technology and Electrical Engineering (ICITEE)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICITEE49829.2020.9271748","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 6

摘要

该国提供数据和信息的重要设施容易受到威胁。需要保护有价值的资产形式的信息免受威胁和漏洞的侵害。必须保证数据和信息的保密性、完整性、真实性和可用性。国防部数据和信息中心，更广为人知的名字是Pusdatin Kemhan。该组织拥有的业务流程非常复杂。普京需要加强信息安全管理，因为所携带的资产是协助制定支持国防和安全决策的领导人所需要的重要和高价值资产。信息安全的实施与风险管理仍然存在管理不善的问题。本研究将提供基于ISO / IEC 27005: 2018的基于风险管理的信息安全管理设计方法。本研究的结果是数据处理与信息技术中心的信息安全管理政策。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

The Use of ISO/IEC 27005: 2018 for Strengthening Information Security Management (A Case Study at Data and Information Center of Ministry of Defence)

The country's vital objects that provide data and information are vulnerable to threats. Information in the form of valuable assets needs to be protected from threats and vulnerabilities. Data and information must be guaranteed confidentiality, integrity, authenticity, and availability. Data and Information Center of Ministry of Defence, better known as Pusdatin Kemhan. Business processes owned by this organization are very complex. Pusdatin Kemhan requires strengthening in managing information security because the assets carried are important and high-value assets that are needed by leaders who assist in making decisions to support national defense and security. The implementation of information security and the existence of risk management are still not well managed. This study will provide an information security management design method based on risk management based on ISO / IEC 27005: 2018. The results of this study are the information security management policy at the Center for Data Processing and Information Technology.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2020 12th International Conference on Information Technology and Electrical Engineering (ICITEE)

自引率

0.00%

发文量