KUSNANDAR, Aris and Rochim, Adian Fatchur and Gunawan S.K., Vincensius (2024) DESAIN PENGEMBANGAN ALAT UKUR KEMATANGAN KEAMANAN SISTEM INFORMASI MENGGUNAKAN METODE FUZZY FMEA BERBASIS FRAMEWORK ISO/IEC 27001 (STUDI KASUS: DISDUKCAPIL). Masters thesis, UNIVERSITAS DIPONEGORO.

	Text Draft Tesis Aris Kusnandar-COVER.pdf Download (1MB)
	Text Draft Tesis Aris Kusnandar-BAB I.pdf Download (308kB)
	Text Draft Tesis Aris Kusnandar-BAB II.pdf Download (435kB)
	Text Draft Tesis Aris Kusnandar-BAB III.pdf Restricted to Repository staff only Download (620kB)
	Text Draft Tesis Aris Kusnandar-BAB IV.pdf Restricted to Repository staff only Download (968kB)
	Text Draft Tesis Aris Kusnandar-BAB V.pdf Download (332kB)
	Text Draft Tesis Aris Kusnandar-DAPUS.pdf Download (295kB)
	Text Draft Tesis Aris Kusnandar-LAMPIRAN.pdf Restricted to Repository staff only Download (772kB)

Abstract

Sangat sedikit organisasi yang tidak menyadari akan pentingnya keamanan informasi, padahal keamanan informasi menjadi hal yang penting terhadap jalanya suatu organisasi. Dinas Kependudukan dihadapkan pada sejumlah ancaman keamanan informasi dari berbagai sumber. Setiap ancaman keamanan seperti pencurian informasi, penipuan, vandalisme, dan peretasan komputer akan mempengaruhi organisasi. Tingkat risiko ancaman keamanan informasi perlu diketahui oleh organisasi guna memastikan keamanan informasi dalam batas yang aman. Penelitian ini menggunakan kerangka kerja ISO/IEC 27001:2013 sebagai metode untuk menganalisis risiko. Perhitungan nilai risiko menggunakan metode FMEA yang diintegrasikan dengan metode fuzzy untuk mengetahui tingkat risiko ancaman keamanan informasi. Hasil Penelitian berupa laporan hasil pengolahan risiko yang berisikan daftar prioritas risiko dan rencana pengendalian sesuai standar ISO/IEC 27001:2013. Hasil studi membuktikan bahwa organisasi belum mematuhi prosedur standar keamanan/ informasi sehingga perlu mendokumentasikan kebijakan keamanan berdasarkan ISO/IEC 27001:2013.
Kata Kunci : FMEA, Fuzzy, ISO 27001, Keamanan Informasi

Very few organizations are unaware of the importance of information security, even though information security is crucial to the functioning of an organization. The Population Office faces a number of information security threats from various sources. Each security threat such as information theft, fraud, vandalism, and computer hacking will affect the organization. The level of risk of information security threats needs to be known by the organization to ensure information security within safe limits. This study uses the ISO/IEC 27001:2013 framework as a method for analyzing risks. Risk value calculations use the FMEA method integrated with fuzzy methods to determine the level of information security threat risk. The research results in a report of risk processing results containing a list of risk priorities and control plans in accordance with ISO/IEC 27001:2013 standards. The study results prove that the organization does not comply with standard security/information procedures, so it is necessary to document security policies based on ISO/IEC 27001:2013.
Keywords: FMEA, FUZZY, ISO 27001, Information Security

Actions (login required)

View Item