Muhammad Alam Pasirulloh
Unknown Affiliation

Published: 2 Documents


Evaluation of Information Security Based on KAMI Index and ISO/IEC 27001 at the XYZ Regency Communication and Information Office
Putu Pradiptha Dwipayani; Dwi Putra Githa; Muhammad Alam Pasirulloh
International Journal of Industrial Innovation and Mechanical Engineering Vol. 2 No. 2 (2025): May : International Journal of Industrial Innovation and Mechanical Engineering
Publisher : Asosiasi Riset Ilmu Teknik Indonesia

DOI: 10.61132/ijiime.v2i2.259

Abstract

Information security is one of the key aspects of protecting information assets. Referring to the Regulation of the Ministry of Communication and Informatics No. 4 of 2016, Electronic System Providers (PSE) are required to implement information security to safeguard public interests, public services, state administration, and national defense and security. Therefore, the XYZ Regency Communication and Information Office, as an Electronic System Provider, needs to conduct an evaluation of its information security. This study aims to assess the level of information security at the XYZ Regency Communication and Information Office using the KAMI Index version 5.0 and to provide improvement recommendations in accordance with ISO/IEC 27001:2022 controls. The KAMI Index is used as a standard evaluation tool for assessing information security readiness based on the Regulation of the National Cyber and Crypto Agency (BSSN) No. 8 of 2021. The evaluation results show that the XYZ Regency Communication and Information Office obtained a final score of 248, with a readiness status of "Not Eligible" to meet the ISO/IEC 27001:2022 standard. The maturity level of information security is in the range of Level I to II. Improvement recommendations are provided based on questionnaire results that do not yet meet the ISO/IEC 27001:2022 standards. These recommendations serve as a reference for the XYZ Regency Communication and Information Office to align its information security governance with the ISO/IEC 27001:2022 standard.

Analysis and Risk Management of Information Technology Asset Security Using the OCTAVE and FMEA Methods Based on ISO 27001:2022: Case Study: XYZ Company
Ajeng Wahyuningtyas; Ni Made Ika Marini Mandenni; Muhammad Alam Pasirulloh
Neptunus: Jurnal Ilmu Komputer Dan Teknologi Informasi Vol. 3 No. 2 (2025): May : Neptunus : Jurnal Ilmu Komputer Dan Teknologi Informasi
Publisher : Asosiasi Riset Teknik Elektro dan Informatika Indonesia

DOI: 10.61132/neptunus.v3i2.796

Abstract

The advancement of information technology has driven companies to adopt technology-based systems to enhance operational efficiency while also increasing the complexity of information security risks. This study aims to analyse risk factors associated with information security assets, identify potential threats, assess risks, and provide mitigation recommendations. The OCTAVE method was applied to identify threats, vulnerabilities, and critical information technology assets, while FMEA was used to determine risk mitigation priorities based on the Risk Priority Number (RPN). The mitigation recommendations were developed in accordance with ISO 27001:2022 standards. Data collection was conducted through interviews with XYZ company representatives, identifying 34 information security asset risks, including 6 hardware failure potentials, 6 software failure potentials, 14 data failure potentials, 4 human resource failure potentials, and 4 network failure potentials. The risk categorisation results revealed 5 high-level risks, 6 moderate-level risks, 20 low-level risks, and 3 very low-level risks. The mitigation recommendations include three ISO/IEC 27001:2022 clauses: Human Resource Controls, Physical Controls, and Information Technology Controls.