Options
An analysis of IT assessment security maturity in higher education institution
Publikationstyp
Conference Paper
Date Issued
2016-02
Sprache
English
Author(s)
TORE-URI
First published in
Lecture Notes in Electrical Engineering
Volume
376
Start Page
701
End Page
713
Citation
Lecture Notes in Electrical Engineering (376): 701-713 (2016-02)
Publisher DOI
Scopus ID
The information technology (IT) has been applied widely in Indonesia Higher Education Institution for various services. Many organizations responsible for managing the IT infrastructure, however, rarely have a framework for assessing the security maturity level of their information management. The implementation of a framework is one of solutions, but has not been yet maximized. Therefore we suggest to combine several frameworks in hope that they can be complementary. The combination of different frameworks will be more effective to monitoring the security maturity level by using an assessment security maturity management. This assessment security maturity management is a combination of framework control objective from IT Governance COBIT® 4.1 (Control Objectives for Information and related Technology) with Management Service in ITIL v3 (Information Technology Infrastructure Library) and ISO/IEC 27001. Since assessment of security maturity management is measured using COBIT® 4.1 assessment framework, and before it was adjusted with the ISO 27001 framework applied maximal. This paper present the results of assessment maturity security management, mapping of combination framework providing an indicator of security maturity level at one of university in Jakarta. A case study conducted shows that combination of some frameworks to support assessment of security maturity management level becomes more effective and efficient.
Subjects
COBIT® 4.1
Information technology security
ISO/IEC 27000
ITIL® V3
Maturity
Risk assessment
Service management