Sistem Manajemen Keamanan Informasi (SMKI) di PT. Surveyor Indonesia Cabang Surabaya: Penerapan Standar ISO 27001:2013
Main Article Content
Abstract
This article discusses the implementation of the Information Security Management System (ISMS) and the adoption of the ISO 27001:2013 standard at PT Surveyor Indonesia Surabaya Branch. The purpose of writing this article is to analyze the process of designing, implementing, and maintaining the IMS, as well as the integration of the ISO 27001:2013 standard in the company's business practices. The results of the article show that the implementation of the SMKI and the adoption of the ISO 27001:2013 standard have had a positive impact on improving the information security and overall performance of PT Surveyor Indonesia Surabaya Branch. However, there were some challenges and barriers faced during the implementation process, such as limited resources and resistance from employees. Nonetheless, the integration of ISO 27001:2013 standard in PT Surveyor Indonesia Surabaya Branch is not only formal compliance but also implemented in daily business practices to protect the company's critical information and ensure optimal information security. The writing of this article is expected to make a significant contribution to PT Surveyor Indonesia, the academic community, and information security practitioners, as well as being a valuable contribution in the context of implementing the ISO 27001:2013 standard in an increasingly connected business era.
Downloads
Article Details
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.
References
A. Kadir, Pengenalan Sistem Informasi, Yogyakarta: Andi Offset, 2003.
A. Kristanto, Komputer dan Teknologi Informasi, Yogyakarta: Graha Ilmu, 2003.
Agustian, Fajrin. 2011. Kajian Tingkat bendaharaan dan Anggaran Negara (SPAN) Kematangan Sistem Manajemen KeamananInformasi menggunakan Indeks KAMI (Studi Kasus: Kantor Pusat Direktorat Jenderal Pajak). Sekolah Tinggi Akuntansi Negara.
Badan Standardisasi Nasional. 2009. SNIISO/IEC 27001:2009 Teknologi Informasi –Teknik Keamanan – Sistem Manajemen Keamanan Informasi – Persyaratan. Jakarta: Badan Standardisasi Nasional – BSN.
Catur Daya Solusi, “Upgrading ISO 27001:2005 ke ISO 27001:2013,” 9 Maret 2015. [Online]. Available: http://caturdayasolusi.com/upgrading-iso-270012005-ke-iso- 270012013/.
H. M. Jogiyanto, Analisis dan desain sistem informasi, Yogyakarta: Andi Offset, 2005.
Hartati, T. (2017). Perencanaan Sistem Manajemen Keamanan Informasi Bidang Akademik Menggunakan ISO 27001:2013.
Kementerian Komunikasi dan Informatika. 2011. Panduan Penerapan Tata Kelola Keamanan Informasi bagi Penyelenggara Pelayanan Publik. Jakarta: Direktorat Keamanan Informasi Direktorat Jenderal Aplikasi dan Informatika Informasi Kementerian Komunikasi dan Informatika.
Prosedur Security TI nomor dokumen : P-DTI-02
Syarif, R. A., & Nugroho, A. (2016). Analisis Tingkat Kematangan Sistem Manajemen Keamanan Informasi Direktorat Jenderal Perbendaharaan Diukur dengan Menggunakan Indeks Keamanan Informasi (Studi Kasus: Aplikasi SPAN).