The Use of ISO/IEC 27005: 2018 for Strengthening Information Security Management (A Case Study at Data and Information Center of Ministry of Defence)
The country's vital objects that provide data and information are vulnerable to threats. Information in the form of valuable assets needs to be protected from threats and vulnerabilities. Data and information must be guaranteed confidentiality, integrity, authenticity, and availability. Data an...
Saved in:
| Published in: | 2020 12th International Conference on Information Technology and Electrical Engineering (ICITEE) pp. 86 - 91 |
|---|---|
| Main Authors: | , , , |
| Format: | Conference Proceeding |
| Language: | English |
| Published: |
IEEE
06-10-2020
|
| Subjects: | |
| Online Access: | Get full text |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Summary: | The country's vital objects that provide data and information are vulnerable to threats. Information in the form of valuable assets needs to be protected from threats and vulnerabilities. Data and information must be guaranteed confidentiality, integrity, authenticity, and availability. Data and Information Center of Ministry of Defence, better known as Pusdatin Kemhan. Business processes owned by this organization are very complex. Pusdatin Kemhan requires strengthening in managing information security because the assets carried are important and high-value assets that are needed by leaders who assist in making decisions to support national defense and security. The implementation of information security and the existence of risk management are still not well managed. This study will provide an information security management design method based on risk management based on ISO / IEC 27005: 2018. The results of this study are the information security management policy at the Center for Data Processing and Information Technology. |
|---|---|
| DOI: | 10.1109/ICITEE49829.2020.9271748 |