<![CDATA[The communication and informatics office of Batu City is a government agency which has a responsibility for managing information security and security services. Based on interview, it found there were no references in managing the implementation of information security. The purpose of this research is to provide a reference to the COBIT 5 framework allows agencies to develop clear policies using best practice for implementing information security management. After assessing the ability of the communication and informatics office of Batu city in dealing with the ongoing security information by referring to best practice based on the APO13 domain (Manage Security) and DSS0S (Manage Security Services) the result was the documentation that provide in several information security implementation processes and information security services in communication and information office of Batu City were still incomplete. The reason of this problem was the delivery of information security implementation was still implied since it has not supported by standard like policies and standard operating procedures (SOP). The result of calculating the capability level of each best practice processes were still at level 0 (Incomplete Process), this means the process was not implemented of failed to achieve the systematic process. Based on the results obtained, it is necessary to increase the level of capability to achieve the implementation of security management and management of security services that are expected to be level 1 (Performed Process) which mean implementation of the process to achieve the goverment policies goals that have been made can be measured and reviewed consistently.]]>
Copyrights © 2020
