ANALISIS MANAJEMEN RISIKO KEAMANAN SISTEM INFORMASI PENGADILAN AGAMA TELUK KUANTAN MENGGUNAKAN FRAMEWORK ISO 27001

Abstract

ISO/IEC 27001:2013 is an information security management system standard in the ISO/IEC 27000 family of standards. ISO/IEC 27001:2013 provides a framework for development, implementation, operation, monitoring, review and improvement of the Information Security Management System (ISMS). The objectives to be achieved from this research are increasing trust for information system users and increasing the credibility of the Teluk Kuantan Religious Court organization from the use of invalid information systems. After analyzing information system security risk management using the ISO/IEC 27001 Framework, there are 4 clauses, namely A.9 access control, A.11 physical and environmental security, A.12 operations security and A.16 information security incident management. Of all the clauses that have been calculated, the maturity level seen from clause 9 access control has an average of 3.96 which is included in the Quantitatively Controlled category, clause 11 physical and environmental security has an average of 4.62 which is included in the Continuously Improving category (continuously improved), clause 12 operational security has an average of 3.2 which is included in the Well Defined category (well implemented) and clause 16 information security incident management has an average of 4.5 which is included in Quantitatively Controlled category (quantitatively controlled).