{"title":"信息安全治理和管理能力评估:来自税务总局的经验教训","authors":"Bandi Ashari","doi":"10.17933/JPPI.2020.100102","DOIUrl":null,"url":null,"abstract":"The information has an important role in improving the business operation and serving the decision-making process. The emerging of e-commerce and e-government require more frequent data exchanges included sensitive data. This study will focus on looking at the portrait of the Directorate General of Tax (DGT) in planning and building the ability to enforce IT governance, especially those related to information security. In addition, this research can also be used as a DGT basis for continuous improvement. We use the ISGM capability model to combine COBIT 5 and ISO 27001 as an approach to measure the capability of organizations in governing and manage their information security. We found that DGT’s information security governance and management capability at overall is at level well defined. Almost of ISGM building blocks has been established according to tailor-made policy and standard. With this capability level, DGT’s ISGM could contribute to the business as shown in several DGT’s program. But, to get optimal value from ISGM DGT need to improve the capability level, especially related to organizational aspects like alignment with business strategies and resource management.","PeriodicalId":31332,"journal":{"name":"Jurnal Penelitian Pos dan Informatika","volume":" ","pages":""},"PeriodicalIF":0.0000,"publicationDate":"2020-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":"{\"title\":\"Information Security Governance and Management Capability Assessment: A Lesson Learned from Directorate General of Taxes\",\"authors\":\"Bandi Ashari\",\"doi\":\"10.17933/JPPI.2020.100102\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The information has an important role in improving the business operation and serving the decision-making process. The emerging of e-commerce and e-government require more frequent data exchanges included sensitive data. This study will focus on looking at the portrait of the Directorate General of Tax (DGT) in planning and building the ability to enforce IT governance, especially those related to information security. In addition, this research can also be used as a DGT basis for continuous improvement. We use the ISGM capability model to combine COBIT 5 and ISO 27001 as an approach to measure the capability of organizations in governing and manage their information security. We found that DGT’s information security governance and management capability at overall is at level well defined. Almost of ISGM building blocks has been established according to tailor-made policy and standard. With this capability level, DGT’s ISGM could contribute to the business as shown in several DGT’s program. But, to get optimal value from ISGM DGT need to improve the capability level, especially related to organizational aspects like alignment with business strategies and resource management.\",\"PeriodicalId\":31332,\"journal\":{\"name\":\"Jurnal Penelitian Pos dan Informatika\",\"volume\":\" \",\"pages\":\"\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2020-10-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"1\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Jurnal Penelitian Pos dan Informatika\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.17933/JPPI.2020.100102\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Jurnal Penelitian Pos dan Informatika","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.17933/JPPI.2020.100102","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Information Security Governance and Management Capability Assessment: A Lesson Learned from Directorate General of Taxes
The information has an important role in improving the business operation and serving the decision-making process. The emerging of e-commerce and e-government require more frequent data exchanges included sensitive data. This study will focus on looking at the portrait of the Directorate General of Tax (DGT) in planning and building the ability to enforce IT governance, especially those related to information security. In addition, this research can also be used as a DGT basis for continuous improvement. We use the ISGM capability model to combine COBIT 5 and ISO 27001 as an approach to measure the capability of organizations in governing and manage their information security. We found that DGT’s information security governance and management capability at overall is at level well defined. Almost of ISGM building blocks has been established according to tailor-made policy and standard. With this capability level, DGT’s ISGM could contribute to the business as shown in several DGT’s program. But, to get optimal value from ISGM DGT need to improve the capability level, especially related to organizational aspects like alignment with business strategies and resource management.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
