CFP last date
20 December 2024
Call for Paper
January Edition
IJCA solicits high quality original research papers for the upcoming January edition of the journal. The last date of research paper submission is 20 December 2024

Submit your paper
Know more
The week's pick
Responsive image
Improved Shuffled Frog Leaping Algorithm with Self-Adaptive Shuffling for Fuzzy Logic PD+G Controller Optimization in Robotic Manipulators

Duc Hoang Nguyen
Random Articles
Reseach Article

Assessment of Information Security on Regional Financial Management Information System using KAMI Index 4.2

by Rizky Dea Annisa Hidayah, Imam Riadi
journal cover thumbnail

International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 184 - Number 27
Year of Publication: 2022
Authors: Rizky Dea Annisa Hidayah, Imam Riadi
10.5120/ijca2022922332

Rizky Dea Annisa Hidayah, Imam Riadi . Assessment of Information Security on Regional Financial Management Information System using KAMI Index 4.2. International Journal of Computer Applications. 184, 27 ( Sep 2022), 18-24. DOI=10.5120/ijca2022922332

@article{ 10.5120/ijca2022922332,
author = { Rizky Dea Annisa Hidayah, Imam Riadi },
title = { Assessment of Information Security on Regional Financial Management Information System using KAMI Index 4.2 },
journal = { International Journal of Computer Applications },
issue_date = { Sep 2022 },
volume = { 184 },
number = { 27 },
month = { Sep },
year = { 2022 },
issn = { 0975-8887 },
pages = { 18-24 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume184/number27/32484-2022922332/ },
doi = { 10.5120/ijca2022922332 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2024-02-07T01:22:33.935698+05:30
%A Rizky Dea Annisa Hidayah
%A Imam Riadi
%T Assessment of Information Security on Regional Financial Management Information System using KAMI Index 4.2
%J International Journal of Computer Applications
%@ 0975-8887
%V 184
%N 27
%P 18-24
%D 2022
%I Foundation of Computer Science (FCS), NY, USA
Abstract

The security aspect concerns confidentiality, integrity, and availability. Problems with the implementation of security in SIMDA Finance have never held an information security assessment, there is no official policy regarding access rights to use SIMDA so data changes often occur. BPKAD requires an information security assessment to get an overview of the application of information security. The assessment is carried out using a questionnaire from the Information Security (KAMI) Index which refers to the ISO/IEC 27001:2013 standard, where respondents fill out questionnaires in 7 assessment areas. The results of the assessment show that the final score in the Electronic System area is in the High category with a score of 27, which means that SIMDA Finance is a part that is tied to the ongoing work process. The maturity level with a total score obtained from the results of the 5 areas of the KAMI Index is 218 which is at the Infeasible level. Meanwhile, for the maturity level, it gets groups I to II so it does not meet the feasibility of ISO 27001:2013 standardization. The results of the recommendations are in accordance with the results of the analysis, so SIMDA Finance needs to document all ongoing processes. Agencies need to pay attention to the implementation of information security internally and externally.

References
  1. PKP. (2014). SIMDA BMD Application Operation Manual version 2.0.7. November 2015, 1–61.
  2. Sugiyantari, D., Titisari, P., & Sumani, S. (2018). The Effectiveness of the Implementation of the Cloud Finance Regional Management Information System (Simda) in the Jember Regency Government. Bisma, 12(1), 106. https://doi.org/10.19184/bisma.v12i1.7607
  3. Yunella, M., Herlambang, AD, & Putra, WHN (2020). Evaluation of Information Security Governance at the Malang City Communication and Informatics Service Using the KAMI Index. Journal of Information Technology and Computer Science Development, 3(10), 9552–9559. http://j-ptiik.ub.ac.id/index.php/jptiik/article/view/6521
  4. Firzah, BA (2017). Evaluation of Information Security Management Using the Information Security Index (KAMI) Based on Iso / Iec 27001: 2013 at the Directorate of Technology and Information System Development (Dptsi) Its Surabaya Evaluating Information Security Management Using Ind. 6(1).
  5. BSSN. (2019). Information Security Index (KAMI). National Cyber and Crypto Agency (BSSN), November.
  6. Pratiwi Hadiati Agus, WL (2020). Evaluation of the Level of Information Security Readiness Using the Information Security Index (KAMI Index) Version 4.0 at the Bogor City Communications and Information Office. Journal of Technology Development …, 2(5), 146–163
  7. Information, TDK (2013). Guidelines for the Implementation of Information Security Governance for Public Service Providers. In Journal of Chemical Information and Modeling (Vol. 53, Issue 9).
  8. Saputra. (2020). Iso 17799 Policies In Organizations As Information Security System Management. Angewandte Chemie International Edition, 6(11), 951–952., 3(2), 5– 24.
  9. Kirillova, EA, Yakhutlov, UM, Wenqi, X., Huiting, G., & Suyu, W. (2020). Information security in the management of personnelin a modern organization. Proceedings of the 2020 IEEE International Conference “Quality Management, Transport and Information Security, Information Technologies”, IT and QM and IS 2020, 107–109. https://doi.org/10.1109/ITQMIS51053.2020.93228 84
  10. Sensuse, DI, Syarif, M., Suprapto, H., Wirawan, R., Satria, D., & Normandia, Y. (2017). Information security evaluation using KAMI index for security improvement in BMKG. 2017 5th International Conference on Cyber and IT Service Management, CITSM 2017. https://doi.org/101.1109/CITSM.2017.8089293.
  11. Monev, V. (2020). Organizational Information Security Maturity Assessment Based on ISO 27001 and ISO 27002. 2020 34th International Conference on Information Technologies, InfoTech 2020 - Proceedings, September, 17–18. https://doi.org/10.1109/InfoTech49733.2020.92110 66
  12. Yasin, M., Akhmad Arman, A., Edward, IJM, & Shalannanda, W. (2020). Designing information security governance recommendations and roadmap using COBIT 2019 Framework and ISO 27001:2013 (Case Study Ditreskrimsus Polda XYZ). Proceedings of the 14th International Conference on Telecommunication Systems, Services, and Applications, TSSA 2020, 2013(95), 3–7. https://doi.org/10.1109/TSSA51342.2020.9310875
  13. Adi Reynaldo, Sengkey Rizal, P. (2020). Information Security Analysis of Southeast Minahasa District Government Using the US Index. Journal of Engineering, 15(3), 189–198.
  14. Yasin, M., Akhmad Arman, A., Edward, IJM, & Shalannanda, W. (2020). Designing information security governance recommendations and roadmap using COBIT 2019 Framework and ISO 27001:2013 (Case Study Ditreskrimsus Polda XYZ). Proceedings of the 14th International Conference on TelecommunicationSystems, Services, and Applications, TSSA 2020, 2013(95), 3–7. https://doi.org/10.1109/TSSA51342.2020.9310875
  15. Adi Reynaldo, Sengkey Rizal, P. (2020). Information Security Analysis of Southeast Minahasa District Government Using the US Index. Journal of Engineering, 15(3), 189–198.
  16. Sun, Z., Zhang, J., Yang, H., & Li, J. (2020). Research on the Effectiveness Analysis of Information Security Controls. Proceedings of 2020 IEEE 4th Information Technology, Networking, Electronic and Automation Control Conference, ITNEC 2020, Itnec, 894– 897. https://doi.org/10.1109/ITNEC48623.2020.908480 9
  17. Nurbojatmiko, Fajar Firmansyah, A., Aini, Q., Saehudin, A., & Amsariah, S. (2020). Information Security Awareness of Students on Academic Information System Using the Kruger Approach. 2020 8th International Conference on Cyber and IT Service Management, CITSM 2020.https://doi.org/101.1109/CITSM50537.2020.92687 95
  18. Bhaskoro, SF, & Riadi, I. (2022). Analysis of Risk Assessment on Attendance Information Systems using COBIT 5 Framework. International Journal of Computer Applications, 184(7), 16–24. https://doi.org/10.5120/ijca2022922030
  19. Noveryal, N., & Riadi, I. (2022). Analysis a Maturity of Case Search Information Systems using Cobit 5 Framework. International Journal of Computer Applications, 184(12), 29–35. https://doi.org/10.5120/ijca2022922101
  20. Development and Finance Supervisory Agency. SIMDA Computer Application Program. Accessed on Friday 24 September 2021. http://bpkp.go.id/konten/433/SIMDA.bpkp
  21. Hardianti, S., & Riadi, I. (2022). Service Risk Assessment Learning Management System using ISO 31000:2018/31010. International Journal of Computer Applications, 184(4), 1–11. https://doi.org/10.5120/ijca2022921993
  22. Volchkov, A. (2019). Information security governance: framework and toolset for CISOs and decision makers. CRC Press
  23. Rahardjo, B. (2017). Information & Network Security. INDONESIAN PEOPLE. http://budi.rahardjo.id/files/keamanan.pdf
  24. Susanto, H. (2018). Information Security Is INFORMATION Security. In Zen and the Art of Information Security. APPLE ACADEMIC PRESS. https://doi.org/10.1016/b978 159749168- 6/50012-7
  25. Chopra, A., & Chaudhary, M. (2020). Implementing an Information Security Management System. In Implementing an Information Security Management System. APRESS. https://doi.org/10.1007/978-1-4842- 5413-4
  26. Purnama, C. (2016). Management Information Systems (C. Anam (ed.)). Global People.
  27. KOMINFO. (2011). Guidelines for the Implementation of Information Security Governance for Public Service Providers. In the Directorate of Information Security, Ministry of Communications and Information Technology (Issue April).
  28. Y. C. Yuze, Y. Priyadi, and. C., "Analysis of Information Security Management Systems Using ISO/IEC 27001: 2013 and Recommendations for System Models Using Data Flow Diagrams at the Directorate of Higher Education Information Systems," J. Sist. Inf. Bisnis, vol. 6, no. 1, p. 38, 2016, doi: 10.21456/vol6iss1pp38-45.
  29. R. Umar, I. Riadi, and E. Handoyo, “Information System Security Analysis Based on COBIT 5 Framework Using Capability Maturity Model Integration (CMMI),” J. Sist. Inf. Bisnis, vol. 9, no. 1, p. 47, 2019, doi: 10.21456/vol9iss1pp47-54.
  30. N. A. Widodo and and A. F. R. , R. Rizal Isnanto, “Planning and Implementation of Information Security Management System Based on Iso/Iec 27001:2005 Standard (Case Study in a National Private Bank),” vol. 4, no. 1, pp. 60–66, 2016.
  31. A. C. D. Tinungki, S. R. Sentinuwo, and S. Karouw, "Analysis of the Maturity Level of Information Security Application of the Bitung City Government Using the KAMI Index (Case Study: Office of Communication and Informatics ..." Repo.Unsrat.Ac.Id, pp. 1–8, 2021, [Online]. Available: http://repo.unsrat.ac.id/2963/.
  32. W. Apriandari and A. Sasongko, “Analysis of Information Security Management Systems Using Sni Iso / Iec 27001: 2013 in the Regional Government of Sukabumi City (Case Study: At Diskominfo Sukabumi City),” Ilm. SANTIKA, vol. 8, no. 1, pp. 715–729, 2018.
  33. N. Matondang, I. N. Isnainiyah, and A. Muliawatic, "Information System Data Security Risk Management Analysis (Case Study: XYZ Hospital)," J. RESTI (Rekayasa Sist. dan Teknol. Informasi), vol. 2, no. 1, pp. 282–287, 2018, doi: 10.29207/resti.v2i1.96.
  34. W. C. Pamungkas and F. T. Saputra, "Evaluation of Information Security at SMA N 1 Sentolo Based on the Information Security Index (KAMI) ISO/IEC 27001:2013," J. Sist. Komput. dan Inform., vol. 1, no. 2, p. 101, 2020, doi: 10.30865/json.v1i2.1924.
  35. M. I. Rosadi and L. Hakim, "Measurement and Evaluation of Yudharta University SIAKAD Security Using the US Index," Explor. IT J. Keilmuan Apl. Tek. Inform. Univ. Yudharta Pasuruan, vol. 7, no. 1, pp. 33– 42, 2015.
  36. A. S. Anas, I. G. A. S. D. G. Utami, A. B. Maulachela, and A. Juliansyah, “KAMI index as an evaluation of academic information system security at XYZ university,” Matrix J. Manaj. Teknol. dan Inform., vol. 11, no. 2, pp. 55–62, 2021, doi: 10.31940/matrix.v11i2.2447.
  37. I. P. N. Hartawan and M. Sudarma, “ISMS Evaluation Using KAMI Index v.4 Based on ISO/IEC 27001:2013 (Case Study: Koperasi XYZ),” vol. 6, no. 2, pp. 4–7, 2021.
Index Terms

Computer Science
Information Sciences

Keywords

Assessment Information Security KAMI Index 4.2

Powered by PhDFocusTM