Hasil Pencarian  ::  Simpan CSV :: Kembali

Abstrak :
ABSTRAK
Tesis ini membahas tentang penyelenggaraan manajemen sekuriti informasi di sebuah perusahaan perkapalan, yaitu PT. Vierlines. manajemen sekuriti sendiri memiliki tiga faktor yang saling terkait yaitu manajemen sekuriti fisik, manajemen sekuriti personil dan manajemen sekuriti informasi. Penyelenggaraan manajemen sekuriti informasi bertujuan melindungi aset perusahaan dari pencurian dokumen, data dan informasi penting perusahaan. Tesis ini juga membahas tentang peran Polri melalui Polsek dan Unit Cyber Crime Polda Metro Jaya dalam optimasi manajemen sekuriti informasi di PT. Vierlines. Tesis ini menggunakan metode kualitatif dengan observasi, wawancara, studi dokumen dan literatur. Hasil tesis ini menunjukkan bahwa penyelenggaraan manajemen sekuriti informasi di PT. Vierlines belum memadai dan masih menggunakan fitur-fitur standar. Rekomendasi dalam tesis ini untuk optimasi manajemen sekuriti informasi di PT. Vierlines adalah agar dilakukan pengkajian untuk pembuatan kebijakan, penerapan SOP, dan penunjukan seorang yang bertanggung jawab terhadap manajemen sekuriti informasi, dan bagi Polri, dapat memberikan pendidikan tambahan kepada anggotanya berupa pelatihan ataupun sertifikasi, serta pengadaan peralatan yang memadai demi menghadapi kejahatan ITE yang semakin berkembang seiring dengan perkembangan zaman sehingga dapat memberikan pengayoman bagi masyarakat pada umumnya dan perusahaan pada khusunya dalam bidang keamanan informasi.

---

ABSTRACT
This thesis discusses the implementation of information security management at a shipping company, PT. Vierlines. Security management itself has three interrelated factors, namely physical security management, security management personnel and information security management. Implementation of information security management aims to protect the company's assets from theft of documents, data and critical enterprise information. This thesis also discusses the role of the Police through the Police and Cyber Crime Unit of Polda Metro Jaya in the optimization of information security management in PT. Vierlines. This thesis uses a qualitative method of observation, interviews, documents and literature studies. The results of this thesis show that the implementation of information security management in PT. Vierlines inadequate and still use the feature - a standard feature. Recommendations in this thesis for the optimization of information security management in PT. Vierlines is to be carried out assessments to policy-making, implementation of SOP, and the appointment of a person responsible for the management of nformation security, and for the Police, can provide additional education to its members in the form of training or certification, as well as the provision of adequate equipment in order to face the crimes ITE growing along with the times in order to provide shelter for the community in general and the company especially in the field of information security

Abstrak :
Sistem manajemen keamanan informasi merupakan suatu kebijakan terintegrasi yang menjadi bagian dari keseluruhan manajemen organisasi untuk mengoperasikan, memantau, meninjau dan memelihara keamanan informasi dengan pendekatan risiko. Lebih jauh, penelitian ini bertujuan untuk mengevaluasi sistem manajemen keamanan informasi di KPK dengan menggunakan pendekatan model CIPP (context, input, process, product). Penelitian ini menggunakan pendekatan interpretif dengan teknik pengumpulan data kualitatif melalui studi literatur, wawancara narasumber dan observasi untuk kemudian dilakukan elaborasi berdasarkan indikator-indikator dalam evaluasi menggunakan model evaluasi CIPP sebagai pedoman analisis. Hasil penelitian menunjukkan bahwa konteks sistem manajemen keamanan informasi di KPK telah diatur dalam regulasi internal yang telah disusun secara kolaboratif antar fungsi di KPK. Namun demikian pada implementasinya masih perlu pengembangan lebih lanjut terutama pada aspek pengembangan kompetensi pelaksana kebijakan. Pada dimensi evaluasi produk, sistem manajemen keamanan informasi masih dibutuhkan eksistensinya di KPK mengingat sebagai lembaga publik yang memiliki fungsi penegakan hukum, perlu dijamin kerahasiaan data dan informasi agar tidak jatuh kepada pihak-pihak yang tidak bertanggung jawab. ......The information security management system is an integrated policy that is part of the overall management of the organization to operate, monitor, review and maintain information security with a risk approach. Furthermore, this study aims to evaluate the information security management system at the KPK using the CIPP model approach (context, input, process, product). This study uses an interpretive approach with qualitative data collection techniques through literature study, interview with informants and observations to then be elaborated based on the indicators in the evaluation using the CIPP evaluation model as an analysis guide. The results of the study indicate that the context of the information security management system at the KPK has been regulated in internal regulations that have been compiled collaboratively between functions at the KPK. However, the implementation still needs further development, especially in the aspect of developing the competence of policy implementers. In the product evaluation dimension, an information security management system is still needed to exist in the KPK considering that as a public institution that has a law enforcement function, it is necessary to guarantee the confidentiality of data and information so that it does not fall to irresponsible parties.

Abstrak :
This comprehensive book instructs IT managers to adhere to federally mandated compliance requirements. FISMA compliance handbook, explains what the requirements are for FISMA compliance and why FISMA compliance is mandated by federal law. The evolution of certification and accreditation is discussed. This book walks the reader through the entire FISMA compliance process and includes guidance on how to manage a FISMA compliance project from start to finish. The book has chapters for all FISMA compliance deliverables and includes information on how to conduct a FISMA compliant security assessment. Various topics discussed in this book include the NIST risk management Framework, how to characterize the sensitivity level of your system, contingency plan, system security plan development, security awareness training, privacy impact assessments, security assessments and more. Readers will learn how to obtain an authority to operate for an information system and what actions to take in regards to vulnerabilities and audit findings. FISMA Compliance Handbook Second Edition, also includes all-new coverage of federal cloud computing compliance from author Laura Taylor, the federal government?s technical lead for FedRAMP, the government program used to assess and authorize cloud products and services.