Article Per Year (5 Year)
p-Index From 2020 - 2025
0.408
P-Index
This Author published in this journals
All Journal Journal of Applied Computer Science and Technology (JACOST)
Arief Algiffary
Universitas Bina Darma
Computer Science & IT

Published : 1 Documents Claim Missing Document
Claim Missing Document
Check
Articles

Found 1 Documents
Search
Journal : Journal of Applied Computer Science and Technology (JACOST)

 1 
Audit Keamanan Sistem Informasi Manajemen Rumah Sakit Dengan Framework COBIT 2019 Pada RSUD Palembang BARI Arief Algiffary; M. Izman Herdiansyah; Yesi Novaria Kunang
Journal of Applied Computer Science and Technology Vol 4 No 1 (2023): Juni 2023
Publisher : Indonesian Society of Applied Science

Show Abstract | Download Original | Original Source | Check in Google Scholar | DOI: 10.52158/jacost.v4i1.505

Abstract

This study examines the implementation of information system at RSUD Palembang BARI with the aim of enhancing information system security. In this context, a security audit is conducted using the COBIT 2019 framework. The COBIT 2019 domains and processes utilizing include EDM03, APO12, APO13, APO14, and DSS05. The research involves the identification and evaluation of information security risks, determination of necessary security controls, and ensuring compliance with the information security standards established by COBIT 2019. The findings indicate that the level of information system security at RSUD Palembang BARI is at level 3 (Defined), with a gap analysis difference of 1 level below the expected target. Based on the above results, efforts to improve and enhance the information system security at RSUD Palembang BARI are still needed. The use of information system security techniques such as vulnerability scanning, penetration testing, WAF, IDS and IPS, and data encryption, as well as improving security in terms of server physical aspects such as installing CCTV and restricting user access with access cards or fingerprints, can be implemented to ensure compliance with relevant information security standards. Consideration for obtaining security certifications, like ISO 27001, should also be taken. Additionally, the quality of human resources in terms of policy-making and the ability of employees to address threats and attacks on information system security should be improved through training and strengthening coordination among employees.
Co-Authors Herdiansyah, M. Izman Yesi Novaria Kunang