Risk Management in Information Systems: Applying ISO 31000:2018 and ISO/IEC 27001:2022 Controls at PMI's Central Clinic
Basri, Wahyu Setiawan; Ayu, Adinda Laras
International Journal for Applied Information Management Vol. 4 No. 1 (2024): Regular Issue: April 2024
Publisher : Bright Institute

DOI: 10.47738/ijaim.v4i1.70

Abstract

PMI Main Clinic is a national association organization in Indonesia engaged in health services. It has an information system to support its health service process. One of these systems is the Clinic Management Information System (Smart Klinik), which is used to record patients from their arrival and registration until they receive their medicine. PMI Main Clinic has never implemented information system risk management before. If a risk materializes, the clinic can suffer huge losses and its health service process can be hampered. To identify the risks that can occur at PMI, the ISO 31000:2018 method is used, with ISO/IEC 27001:2022 as the control standard. Of the 22 possible risks identified, 4 are at a very high level, 2 at a high level, 10 at a moderate level, and 6 at a low level. The control recommendations drawn from ISO/IEC 27001:2022 are: Equipment maintenance, Information backup, Protection against malware, Installation of software on operational systems, Monitoring activities, Web filtering, Networks security, Security of network services, Segregation of networks, and Secure system architecture and engineering principles.