Pilar Nusa Mandiri (Sep 2021)

INFORMATION SECURITY POLICY AND SOP AS THE ACCESS CONTROL DOCUMENT OF PT. JUI SHIN INDONESIA USING ISO/IEC 27002:2013

  • Muhammad Sukmaji,
  • Rahmat Yasirandi,
  • Muhammad Al Makky

DOI
https://doi.org/10.33480/pilar.v17i2.2282
Journal volume & issue
Vol. 17, no. 2
pp. 115 – 112

Abstract

Read online

PT. Jui Shin Indonesia as the research population is a company engaged in the ceramics, granite, and cement industry. The existence of important assets owned by the company can not be denied the threat that will occur in these important assets. The importance of a company's assets, then the company must maintain the security of assets with various efforts. The security that must be maintained in this study is the security of information related to accessing control of important assets of the company. The purpose of this research is to analyze and design policy documents and SOP (Standard Operating Procedure) access control related to information security. This is done to minimize the risk that occurs in important assets of the company. The method used in this study is the OCTAVE method as a method of identification against risks that will occur in important assets of the company and the FMEA method as a method of risk analysis against the risk that has been identified through the OCTAVE method. The final result of this study is the creation of policy documents and access control SOPs related to information security which refers to the ISO/IEC 27002:2013 framework that focuses on clause 9. Access Control. Based on the results of the study, the researchers received proposals for policy document-making and SOPs as much as, namely, 17 for policy document-making and 18 for the creation of SOP documents.

Keywords