EVALUASI PENILAIAN MANDIRI PENERAPAN SMKI DI SALAH SATU LINGKUNGAN K/L

Abstract

In the context of managing the information security management system (SMKI), ministries/agencies (K/L) have committed to participate in maintaining the confidentiality and security of information on all data managed in each K/L so that aspects of confidentiality, integrity, and availability of All and information assets belonging to the company from threats from internal and external parties can be properly maintained. The existence of the Perpim, Perkom, and SMKI policies as information security management system (SMKI) policies and standards within the K/L environment makes them a guideline to protect confidential data and information belonging to the Institution from various forms of threats both from within and outside the K/L environment. Furthermore, the most important thing in the implementation of an information security management system is to evaluate the implementation of the ISMS, which is termed monitor and review. Evaluation is needed to guarantee the implementation of the ISMS so that the selected security control system can protect data and information from various risks and provide confidence in the level of security for the institution. Evaluation in this study was carried out using the ISMS self-assessment evaluation tool which is a derivative of the KAMI Index tool. This tool is used to measure the implementation of ISMS within the Institution. Evaluation is carried out on various areas that are the target of implementing information security with a scope of discussion that also meets all security aspects defined by the ISO/IEC 27001:2005 standard. The results of this study are evaluations to obtain an assessment of the understanding and implementation of IT security management, determine the maturity level of information technology security management and obtain recommendations on the results of information security management analysis.