<![CDATA[Information security and awareness of the dangers of information leakage are the most important things in information technology, especially information that is classified and has strategic value. Information security risk management is an approach organizations use to identify, distribute, measure, and manage risks related to information security, which, if left unchecked, can paralyze existing business process activities in the organization. In carrying out its business processes, the West Java Province Diskominfo still has risk problems, namely that information security incidents often disrupt institutional business processes, where some incidents can be handled directly (reactively) in the field. However, several other incidents require planning and time. There are quite a few solutions, and there is no proper supervision and planning in managing data and information security, so Information Security Risk Management based on ISO/IEC 27001:2022 is needed. The results of this research show that there are forty-one information security risks in the West Java Province Diskominfo, and recommendations have been given for each risk in accordance with the ISO/IEC 27001:2022 standard.]]>
Copyrights © 2025
