Information Security Risk Analysis and Management Using the Failure Mode and Effects Analysis (FMEA) Method and ISO/IEC 27001:2022 Controls (Case Study: Dinas Komunikasi, Informatika, dan Statistik Kabupaten XYZ)

Alda Risma Harjian, Raden Venantius Hari Ginardi, Henning Titi Ciptaningtyas
Submission Date: 2024-07-25 16:39:44
Accepted Date: 2025-04-24 08:33:35

Abstract


Information technology is one of the essential needs of an organization, supporting operational activities and helping to improve the efficiency and effectiveness of organizational processes. However, the use of IT involves information security risks, so businesses and government agencies must manage their information assets. The Dinas Komunikasi, Informatika, dan Statistik (Department of Communication, Informatics, and Statistics) of XYZ Regency is responsible for managing information and statistics in the region, but does not yet have a risk management policy governing information security. This study aims to identify and assess risks at DISKOMINFOTIK and to recommend risk mitigations. Data were collected through observation, interviews, questionnaires, and document review. The Failure Mode and Effect Analysis (FMEA) method is used to identify business processes, causes, and effects of failure, and to assess severity, occurrence, detection, and the Risk Priority Number (RPN). ISO/IEC 27001 provides the risk mitigation recommendations. The study identified 37 potential causes and 29 risks related to hardware, software, people, network, and data assets. Based on the RPN, there are 3 risks in the very low category, 11 low, 6 moderate, 11 high, and 6 very high. The Indonesian National Standard (SNI) ISO/IEC 27001:2022 is used to reduce the risks with 9 security controls.

Keywords


Failure Mode and Effect Analysis (FMEA); ISO/IEC 27001:2022; Information Security; Risk Management


CC Licensing


Authors who publish with this journal agree to the following terms:
- Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
- Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
- Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (See The Effect of Open Access).


Creative Commons License
Jurnal Teknik ITS by Direktorat Riset dan Pengabdian Masyarakat (DRPM) ITS is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.
Based on a work at https://ejurnal.its.ac.id/index.php/teknik.