SNI ISO/IEC 27001 dan Indeks KAMI: Manajemen Risiko PUSDATIN (PUPR)
Pusdatin of the Ministry of Public Works and Public Housing is an institution that manages data and information to support management within the ministry of public works. This research was conducted to evaluate the maturity of agencies prior to conducting an external audit of ISO 27001: 2013 certification. The method used in this research is PDCA (Plan-Do-Check-Act) using our index and ISO 27001, the technicality of this research starts from a check for analysis of current conditions, Act is carried out for assessment of the WE index, Plan compares our index results with ISO 27001, and Do control recommendations for improvement. The results of this evaluation show that PUSDATIN stopped at level I + in yellow area and overall PUSDATIN stated, "Needs improvement". In conclusion, Pusdatin is not ready for an external audit of ISO 27001: 2013 certification. The aforementioned results form the basis for the recommendations made from the findings of the WE index and compared with the ISO 27001 control.
Index Terms—audit keamanan informasi; indeks KAMI; ISO 27001:2013; tingkat kematangan SMKI
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.
Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution-ShareAlike International License (CC-BY-SA 4.0) that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
Copyright without Restrictions
The journal allows the author(s) to hold the copyright without restrictions and will retain publishing rights without restrictions.
The submitted papers are assumed to contain no proprietary material unprotected by patent or patent application; responsibility for technical content and for protection of proprietary material rests solely with the author(s) and their organizations and is not the responsibility of the ULTIMA InfoSys or its Editorial Staff. The main (first/corresponding) author is responsible for ensuring that the article has been seen and approved by all the other authors. It is the responsibility of the author to obtain all necessary copyright release permissions for the use of any copyrighted materials in the manuscript prior to the submission.