Evaluation the Information Security Management System: A Path Towards ISO 27001 Certification

Jevelin Jevelin; Ahmad Faza

doi:10.51519/journalisi.v5i4.572

Journal of Information Systems and Informatics (Nov 2023)

Evaluation the Information Security Management System: A Path Towards ISO 27001 Certification

Jevelin Jevelin,
Ahmad Faza

Affiliations

Jevelin Jevelin: Universitas Multimedia Nusantara
Ahmad Faza: Universitas Multimedia Nusantara

DOI: https://doi.org/10.51519/journalisi.v5i4.572
Journal volume & issue: Vol. 5, no. 4
pp. 1240 – 1256

Abstract

Read online

This study addresses the urgent need for robust data security by evaluating the Information Security Management System (ISMS) of a private contractor poised for ISO 27001 certification. It introduces the context of pervasive data breaches that necessitate stringent security measures. Employing a mixed-methods approach, the research method combines the KAMI index for quantitative maturity assessment with qualitative insights from staff interviews and literature reviews. The results reveal the contractor's ISMS maturity at levels I+ to II, indicating a shortfall in meeting the ISO 27001 benchmark. The discussion highlights the efficacy of the PDCA cycle in ISMS implementation, but also underscores the imperative for enhancements to fulfill certification requirements.

Published in Journal of Information Systems and Informatics

ISSN: 2656-5935 (Print); 2656-4882 (Online)
Publisher: Informatics Department, Faculty of Computer Science Bina Darma University
Country of publisher: Indonesia
LCC subjects: Science: Mathematics: Instruments and machines: Electronic computers. Computer science
Website: http://journal-isi.org/index.php/isi

About the journal

Abstract

Keywords