Article Per Year (5 Year)
p-Index From 2021 - 2026
1.431
P-Index
This Author published in this journals
All Journal Seminar Nasional Aplikasi Teknologi Informasi (SNATI) METIK JURNAL Jurnal Restikom : Riset Teknik Informatika dan Komputer The Indonesian Journal of Computer Science
Rizal Fathoni Aji
Fakultas Ilmu Komputer, Universitas Indonesia
Computer Science & IT Control & Systems Engineering Decision Sciences, Operations Research & Management Earth & Planetary Sciences Electrical & Electronics Engineering Engineering

Published : 14 Documents Claim Missing Document
Claim Missing Document
Check
Articles

Found 14 Documents
Search

 1   2 
Perancangan Kapabilitas Security Operations Center di Public Cloud Computing Environment: Studi Kasus PT. XYZ Fadholi, M Ryan; Rizal Fathoni Aji
The Indonesian Journal of Computer Science Vol. 14 No. 4 (2025): The Indonesian Journal of Computer Science
Publisher : AI Society & STMIK Indonesia

Show Abstract | Download Original | Original Source | Check in Google Scholar | DOI: 10.33022/ijcs.v14i4.4945

Abstract

Cybersecurity has become a major challenge for financial institutions, including PT. XYZ. Although PT. XYZ has established a Security Operations Center (SOC) to safeguard its digital assets, the current SOC team lacks optimal capability to monitor the organization's newly adopted public cloud environment. This gap increases the risk of undetected cyberattacks targeting the cloud infrastructure. This study aims to develop recommendations for enhancing SOC capabilities in PT. XYZ’s public cloud environment using the Design Science Research (DSR) method. The initial SOC condition was analyzed through document review and observation. Capability gaps were identified through focus group discussions (FGD) guided by the SOC-CMM screening tool. The NIST Cybersecurity Framework (CSF) was then employed as the foundation for defining target capabilities. The study resulted in a set of 35 practical recommendations to improve the SOC team's capabilities, categorized according to the SOC-CMM domains.
A Comprehensive Case Study Rekomendasi Implementasi 11 Kontrol keamanan informasi baru ISO 27001:2022 di Perusahaan HealthTech XYZ: Studi Kasus Komprehensif tentang Meningkatkan Kepatuhan dan Keamanan Siber di HealthTech Company Suryo Wibowo, Bimantoro; Rizal Fathoni Aji
The Indonesian Journal of Computer Science Vol. 13 No. 4 (2024): The Indonesian Journal of Computer Science
Publisher : AI Society & STMIK Indonesia

Show Abstract | Download Original | Original Source | Check in Google Scholar | DOI: 10.33022/ijcs.v13i4.4166

Abstract

This study aims to recommend the implementation of new annex controls in ISO 27001:2022, guided by ISO 27002:2022, for PT XYZ. The research questions addressed are: (1) What are the existing gaps between PT XYZ's current information security controls and the requirements of ISO 27001:2022? (2) What specific recommendations can close these gaps? Using a qualitative case study approach, data were collected in May 2024 through purposive sampling, interviews, observations, and document analysis. Findings reveal that while some controls are partially implemented, others lack full documentation and SOPs. Detailed recommendations were provided to ensure compliance with updated standards, emphasizing formalization into SOPs. This study offers practical guidance for organizations transitioning to ISO 27001:2022, enhancing cybersecurity readiness and compliance with stringent data protection regulations.
Audit Keamanan Informasi Pemasok Pada Perusahaan Penyelenggara Sistem Pembayaran XYZ Mulyadi, Farroh Sakinah; Rizal Fathoni Aji
The Indonesian Journal of Computer Science Vol. 13 No. 4 (2024): The Indonesian Journal of Computer Science
Publisher : AI Society & STMIK Indonesia

Show Abstract | Download Original | Original Source | Check in Google Scholar | DOI: 10.33022/ijcs.v13i4.4167

Abstract

The relationship between companies and suppliers is one of the manifestations of the company's resource strategy to remain productive and competitive. However, suppliers also create information security risks, such as cybersecurity threats and data protection. To ensure the security of the company's information assets, PT XYZ implements an information security management system based on ISO / IEC 27001: 2022 for all company information assets, both managed by internal and external parties (suppliers). Therefore, this research aims to measure suppliers' criticality level with an information technology asset risk management approach. The company will evaluate the critical suppliers's information security control implementation through systematic monitoring processes such as audits and due diligence. The results of this study indicate that two suppliers at PT XYZ with a high level of criticality need to be audited, and three suppliers with a medium level of criticality need to conduct due diligence.
An Evaluation of DevOps Practices to Prevent Fraud: A Case Study of PT XYZ Adi Hartanto; Rizal Fathoni Aji
The Indonesian Journal of Computer Science Vol. 12 No. 6 (2023): The Indonesian Journal of Computer Science
Publisher : AI Society & STMIK Indonesia

Show Abstract | Download Original | Original Source | Check in Google Scholar | DOI: 10.33022/ijcs.v12i6.3600

Abstract

Fraudulent transactions caused mainly by high level bugs in PT XYZ’s production environment have caused significant financial losses for the company. Such issues were attributed to subpar DevOps practices in PT XYZ. Based on the given problem, this research evaluates DevOps practices in PT XYZ based on Bucena’s maturity model and proposes recommendations for improvement. This study collects data using interviews with four key figures in PT XYZ’s software development team and processed using the thematic analysis method in conjunction with magnitude coding. The results showed that PT XYZ’s primary weaknesses in implementing DevOps practices fall mostly within Technology and Process domains. From these findings, a roadmap is designed for a timeframe of 12 months, which consists of 9 primary objectives to fulfill to increase overall DevOps maturity level at PT XYZ up to the Defined level.
Co-Authors Adi Gunawan, Adi Adi Hartanto Aditya Reza Firdaus Elke Cahya Putri Fadholi, M Ryan Hendra Dwi Hadmanto Henri Tetiawadi Heri Kurniawan Indra Budi Jihan Prama Nurahman Mulyadi, Farroh Sakinah Suryo Wibowo, Bimantoro Yosephine Novianti Zainal A. Hasibuan