Evaluation of Basic Principles of Information Security at University Using COBIT 5
DOI:
https://doi.org/10.30812/matrik.v21i2.1311Keywords:
COBIT 5, Evaluation, Information SecurityAbstract
Information security issues commonly arise in a company and institution, including those in University. Some of the threats and attacks are unauthorized access, system user accountability, and logical and physical issues. This study reveals the obedience rate of the information security principle in Universitas Amikom Purwokerto and provides a recovery strategy. The domains being used were APO13, DSS5, and MEA3. The researcher employed a descriptive quantitative method by having documentation, interview, and administering a questionnaire to the respondents. The respondents were 83 employees who got selected by using the purposive sampling technique. The result shows that the capability level is in level 3, known as the established process. It means that the employees have applied the current procedure, even though they have not applied information security management. The proposed refinement strategy emphasizes the security policy, classification and asset management, physics and environment security, and business continuity management. The gap can be fixed by implementing the proposed refinement strategy. Future researchers may evaluate obedience based on the identified variables by keeping the standard in mind.
Downloads
Download data is not yet available.
References
[1] P. R. E. Indrajit, Konsep dan Strategi Keamanan Informasi di Dunia Cyber. Yogyakarta: Graha Ilmu, 2014.
[2] IBISA, Keamanan Sistem Informasi. Yogyakarta: ANDI OFFSET, 2011.
[3] P. P. G. Pertama and I. W. Ardiyasa, “Audit Keamanan Sistem Informasi Perpustakaan STMIK STIKOM Bali Menggunakan Kerangka Kerja COBIT,†Jurnal Sistem Dan Informatika, Vol. 13, No. 2, PP. 77–86, 2019.
[4] R. R, I. Riadi, and Y. Prayudi, “A Maturity Level Framework for Measurement of Information Security Performance,†International Journal of Computer Applications, Vol. 141, No. 8, PP. 1–6, 2016
[5] E. Kurniawan and I. Riadi, “Security level analysis of academic information systems based on standard ISO 27002: 2013 using SSE-CMM,†International Journal of Computer Science and Information Security (IJCSIS), Vol. 16, No. 1, PP. 139–147, 2018
[6] R. Umar, I. Riadi, and E. Handoyo, “Analisis Keamanan Sistem Informasi Berdasarkan Framework COBIT 5 Menggunakan Capability Maturity Model Integration (CMMI),†Jurnal Sistem Informasi Bisnis, Vol. 9, No. 1, PP. 47–54, 2019
[7] H. Ghasali and K. Christianto, “System Information Audit with COBIT 4.1 and Balanced Scorecard Framework (Case Study: PT. Boga Dimsum Indonesia),†Jurnal RESTI (Rekayasa Sistem dan Teknologi Informasi), Vol. 2, No. 2, PP. 560–565, 2018
[8] L. Lelah and Toto Suharto, “Tata Kelola Keamanan Teknologi Informasi Menggunakan Cobit 5 (Studi Kasus pada Dinas Komunikasi dan Informasi Kota Sukabumi),†Jurnal Gaung Informatika, Vol. 12, No. 1, PP. 46–55, 2019 [Online]. Available: http://jurnal.usahidsolo.ac.id/index.php/GI/article/view/321
[9] E. Surjandy; Fernando, A. R. Condrobimo, and M. R. Yudho, “Evaluasi Penerapan IT Governance Pada Bank Berdasarkan Cobit 5 ( Study Kasus Pada Bank XYZ ) Evaluation Implementaion of IT Governance At Bank Xyz Based On Cobit 5 ( Case Study at Bank XYZ ),†Jurnal Teknologi dan Ilmu Komputer (JTIIK), Vol. 7, No. 3, PP. 453–460, 2020
[10] I. J. Aritonang, E. D. Udayanti, and N. Iksan, “Audit Keamanan Sistem Informasi Menggunakan Framework Cobit 5 (APO13),†Information Technology Engineering Journals, Vol. 3, No. 2, PP. 3–7, 2018.
[11] F. Effendy and E. Hariyanti, “Manajemen Masalah Teknologi Informasi Berdasarkan Kerangka Kerja ITIL V3 dan COBIT 5,†Jurnal Sistem Informasi Bisnis, Vol. 8, No. 2, PP. 157–165, 2018
[12] A. L. Y. A. Andrianti, “Tata Kelola Keamanan Teknologi Informasi Menggunakan Framework COBIT 5 Fokus Proses DSS05 (Studi Pada RS Bhayangkara Jambi),†Indonesian Journal of Computer Science, Vol. 9, No. 2, PP. 86–95, 2020.
[13] E. Handoyo, “Analisis Tingkat Keamanan Informasi: Studi Komparasi Framework Cobit 5 Subdomain Manage Security Services (DSS05) dan NIST SP 800 – 55,†Jurnal Computer Science and Information Technology (CoSciTech), Vol. 1, No. 2, PP. 57–64, 2020.
[14] Y. D. Imany, W. Hayuhardhika, N. Putra, and A. D. Herlambang, “Evaluasi Tata Kelola Keamanan Informasi menggunakan COBIT 5 pada Domain APO13 dan DSS05 ( Studi pada PT Gagas Energi Indonesia ),†Jurnal Pengembangan Teknologi Informasi dan Ilmu Komputer, Vol. 3, No. 6, PP. 5926–5935, 2019.
[15] T. Tarwoto and A. P. Kuncoro, “Evaluasi Penerapan Sistem Informasi Smart Prodi dengan Pendekatan Delone Mclean dan Framework Cobit 5,†MATRIK : Jurnal Manajemen, Teknik Informatika dan Rekayasa Komputer, Vol. 18, No. 2, PP. 222–236, 2019
[16] K. P. D. Dharmayanti, I. P. A. Swastika, and I. G. L. A. Raditya Putra, “Tata Kelola Sistem Informasi Sanken Menggunakan Framework COBIT 5,†MATRIK : Jurnal Manajemen, Teknik Informatika dan Rekayasa Komputer, Vol. 18, No. 1, PP. 29–38, 2018
[17] E. Nachrowi, Yani Nurhadryani, and Heru Sukoco, “Evaluation of Governance and Management of Information Technology Services Using Cobit 2019 and ITIL 4,†Jurnal RESTI (Rekayasa Sistem dan Teknologi Informasi), Vol. 4, No. 4, PP. 764–774, 2020
[18] Y. W. H. N. P. A. D. H. Rahmah, “Evaluasi Keamanan Informasi pada Dinas Komunikasi dan Informatika Kabupaten Sidoarjo menggunakan Indeks Keamanan Informasi ( KAMI ),†Jurnal Pengembangan Teknologi Informasi dan Ilmu Komputer, Vol. 4, No. 3, PP. 840–847, 2020.
[19] I. Maghfiroh, M. Murahartawaty, and R. Mulyana, “Analisis Dan Perancangan Tata Kelola Ti Menggunakan Cobit 4.1 Domain Deliver and Support (DS) PT XYZ,†Jurnal Sistem Informasi, Vol. 12, No. 1, PP. 50–55, 2016
[20] N. Kadek, R. Widya, I. P. A. Bayupati, and I. K. A. Purnawan, “Audit Capability EAM menggunakan COBIT 5 dan ISO 55002 pada Perusahaan Kelistrikan Negara,†Jurnal Merpati, Vol. 4, No. 3, PP. 195–204, 2016
[21] D. Priyatno, SPSS 22: Pengolahan Data Terpraktis. Yogyakarta: ANDI OFFSET, 2014.
[2] IBISA, Keamanan Sistem Informasi. Yogyakarta: ANDI OFFSET, 2011.
[3] P. P. G. Pertama and I. W. Ardiyasa, “Audit Keamanan Sistem Informasi Perpustakaan STMIK STIKOM Bali Menggunakan Kerangka Kerja COBIT,†Jurnal Sistem Dan Informatika, Vol. 13, No. 2, PP. 77–86, 2019.
[4] R. R, I. Riadi, and Y. Prayudi, “A Maturity Level Framework for Measurement of Information Security Performance,†International Journal of Computer Applications, Vol. 141, No. 8, PP. 1–6, 2016
[5] E. Kurniawan and I. Riadi, “Security level analysis of academic information systems based on standard ISO 27002: 2013 using SSE-CMM,†International Journal of Computer Science and Information Security (IJCSIS), Vol. 16, No. 1, PP. 139–147, 2018
[6] R. Umar, I. Riadi, and E. Handoyo, “Analisis Keamanan Sistem Informasi Berdasarkan Framework COBIT 5 Menggunakan Capability Maturity Model Integration (CMMI),†Jurnal Sistem Informasi Bisnis, Vol. 9, No. 1, PP. 47–54, 2019
[7] H. Ghasali and K. Christianto, “System Information Audit with COBIT 4.1 and Balanced Scorecard Framework (Case Study: PT. Boga Dimsum Indonesia),†Jurnal RESTI (Rekayasa Sistem dan Teknologi Informasi), Vol. 2, No. 2, PP. 560–565, 2018
[8] L. Lelah and Toto Suharto, “Tata Kelola Keamanan Teknologi Informasi Menggunakan Cobit 5 (Studi Kasus pada Dinas Komunikasi dan Informasi Kota Sukabumi),†Jurnal Gaung Informatika, Vol. 12, No. 1, PP. 46–55, 2019 [Online]. Available: http://jurnal.usahidsolo.ac.id/index.php/GI/article/view/321
[9] E. Surjandy; Fernando, A. R. Condrobimo, and M. R. Yudho, “Evaluasi Penerapan IT Governance Pada Bank Berdasarkan Cobit 5 ( Study Kasus Pada Bank XYZ ) Evaluation Implementaion of IT Governance At Bank Xyz Based On Cobit 5 ( Case Study at Bank XYZ ),†Jurnal Teknologi dan Ilmu Komputer (JTIIK), Vol. 7, No. 3, PP. 453–460, 2020
[10] I. J. Aritonang, E. D. Udayanti, and N. Iksan, “Audit Keamanan Sistem Informasi Menggunakan Framework Cobit 5 (APO13),†Information Technology Engineering Journals, Vol. 3, No. 2, PP. 3–7, 2018.
[11] F. Effendy and E. Hariyanti, “Manajemen Masalah Teknologi Informasi Berdasarkan Kerangka Kerja ITIL V3 dan COBIT 5,†Jurnal Sistem Informasi Bisnis, Vol. 8, No. 2, PP. 157–165, 2018
[12] A. L. Y. A. Andrianti, “Tata Kelola Keamanan Teknologi Informasi Menggunakan Framework COBIT 5 Fokus Proses DSS05 (Studi Pada RS Bhayangkara Jambi),†Indonesian Journal of Computer Science, Vol. 9, No. 2, PP. 86–95, 2020.
[13] E. Handoyo, “Analisis Tingkat Keamanan Informasi: Studi Komparasi Framework Cobit 5 Subdomain Manage Security Services (DSS05) dan NIST SP 800 – 55,†Jurnal Computer Science and Information Technology (CoSciTech), Vol. 1, No. 2, PP. 57–64, 2020.
[14] Y. D. Imany, W. Hayuhardhika, N. Putra, and A. D. Herlambang, “Evaluasi Tata Kelola Keamanan Informasi menggunakan COBIT 5 pada Domain APO13 dan DSS05 ( Studi pada PT Gagas Energi Indonesia ),†Jurnal Pengembangan Teknologi Informasi dan Ilmu Komputer, Vol. 3, No. 6, PP. 5926–5935, 2019.
[15] T. Tarwoto and A. P. Kuncoro, “Evaluasi Penerapan Sistem Informasi Smart Prodi dengan Pendekatan Delone Mclean dan Framework Cobit 5,†MATRIK : Jurnal Manajemen, Teknik Informatika dan Rekayasa Komputer, Vol. 18, No. 2, PP. 222–236, 2019
[16] K. P. D. Dharmayanti, I. P. A. Swastika, and I. G. L. A. Raditya Putra, “Tata Kelola Sistem Informasi Sanken Menggunakan Framework COBIT 5,†MATRIK : Jurnal Manajemen, Teknik Informatika dan Rekayasa Komputer, Vol. 18, No. 1, PP. 29–38, 2018
[17] E. Nachrowi, Yani Nurhadryani, and Heru Sukoco, “Evaluation of Governance and Management of Information Technology Services Using Cobit 2019 and ITIL 4,†Jurnal RESTI (Rekayasa Sistem dan Teknologi Informasi), Vol. 4, No. 4, PP. 764–774, 2020
[18] Y. W. H. N. P. A. D. H. Rahmah, “Evaluasi Keamanan Informasi pada Dinas Komunikasi dan Informatika Kabupaten Sidoarjo menggunakan Indeks Keamanan Informasi ( KAMI ),†Jurnal Pengembangan Teknologi Informasi dan Ilmu Komputer, Vol. 4, No. 3, PP. 840–847, 2020.
[19] I. Maghfiroh, M. Murahartawaty, and R. Mulyana, “Analisis Dan Perancangan Tata Kelola Ti Menggunakan Cobit 4.1 Domain Deliver and Support (DS) PT XYZ,†Jurnal Sistem Informasi, Vol. 12, No. 1, PP. 50–55, 2016
[20] N. Kadek, R. Widya, I. P. A. Bayupati, and I. K. A. Purnawan, “Audit Capability EAM menggunakan COBIT 5 dan ISO 55002 pada Perusahaan Kelistrikan Negara,†Jurnal Merpati, Vol. 4, No. 3, PP. 195–204, 2016
[21] D. Priyatno, SPSS 22: Pengolahan Data Terpraktis. Yogyakarta: ANDI OFFSET, 2014.
Downloads
Published
2022-03-31
Issue
Section
Articles
How to Cite
[1]
K. N. Isnaini and D. Suhartono, “Evaluation of Basic Principles of Information Security at University Using COBIT 5”, MATRIK, vol. 21, no. 2, pp. 317–326, Mar. 2022, doi: 10.30812/matrik.v21i2.1311.
Similar Articles
- Jihadil Qudsi S., Anthony Anggrawan, EVALUASI PRODUK PEMBELAJARAN MULTIMEDIA (PELIN) EVALUATION OF LEARNING MULTIMEDIA PRODUCT (PELIN) , MATRIK : Jurnal Manajemen, Teknik Informatika dan Rekayasa Komputer: Vol. 16 No. 1 (2016)
- Anthony Anggrawan, Raisul Azhar, Bambang Krismono Triwijoyo, Mayadi Mayadi, Developing Application in Anticipating DDoS Attacks on Server Computer Machines , MATRIK : Jurnal Manajemen, Teknik Informatika dan Rekayasa Komputer: Vol. 20 No. 2 (2021)
- Achmad Lukman, Wahju Tjahjo Saputro, Erni Seniwati, Improving Performance Convolutional Neural Networks Using Modified Pooling Function , MATRIK : Jurnal Manajemen, Teknik Informatika dan Rekayasa Komputer: Vol. 23 No. 2 (2024)
- Paska Marto Hasugian, Devy Mathelinea, Siska Simamora, Pandi Barita Nauli Simangunsong, Comparative Evaluation of Data Clustering Accuracy through Integration of Dimensionality Reduction and Distance Metric , MATRIK : Jurnal Manajemen, Teknik Informatika dan Rekayasa Komputer: Vol. 24 No. 3 (2025)
- Fathurrahmani Fathurrahmani, Wiwik Kusrini, Khairul Anwar Hafizd, Arif Supriyanto, Penerapan Sistem Tertanam untuk Monitoring Kandang Ayam Broiler , MATRIK : Jurnal Manajemen, Teknik Informatika dan Rekayasa Komputer: Vol. 19 No. 1 (2019)
- Erna Daniati, Sucipto Sucipto, Anita Sari Wardani, Akmal Hisyam Pradhana, Usability Test on the System Determination Decision Support ReleaseProduct Towards Contribution Level Decision Maker , MATRIK : Jurnal Manajemen, Teknik Informatika dan Rekayasa Komputer: Vol. 24 No. 3 (2025)
- Achmad Afif Irwansyah, Aripriharta Aripriharta, Didik Dwi Prasetya, Stochastic Optimization for Hostage Rescue Using Internet of Things and Queen Honey Bee Algorithm , MATRIK : Jurnal Manajemen, Teknik Informatika dan Rekayasa Komputer: Vol. 25 No. 1 (2025)
- Amir Ali, Klasterisasi Data Rekam Medis Pasien Menggunakan Metode K-Means Clustering di Rumah Sakit Anwar Medika Balong Bendo Sidoarjo , MATRIK : Jurnal Manajemen, Teknik Informatika dan Rekayasa Komputer: Vol. 19 No. 1 (2019)
- Helen Sastypratiwi, Yulianti Yulianti, Hafiz Muhardi, Desepta Isna Ulumi, Incorporating User Experience Evaluation into Application Design for Optimal Usability , MATRIK : Jurnal Manajemen, Teknik Informatika dan Rekayasa Komputer: Vol. 22 No. 3 (2023)
- Iis Gugum Gumilar, Yuda Syahidin, Erix Gunawan, Jeri Sukmawijaya, Automation Reporting Bed Efficiency Using Verification and Validation Method , MATRIK : Jurnal Manajemen, Teknik Informatika dan Rekayasa Komputer: Vol. 22 No. 3 (2023)
You may also start an advanced similarity search for this article.
Most read articles by the same author(s)
- Didit Suhartono, Khairunnisak Nur Isnaini, Strategi Recovery Plan Teknologi Informasi di Perguruan Tinggi Menggunakan Framework NIST SP 800-34 , MATRIK : Jurnal Manajemen, Teknik Informatika dan Rekayasa Komputer: Vol. 20 No. 2 (2021)
.png)
