Information Security Risk Assessment of the Data Center at XYZ Agency (Penilaian Risiko Keamanan Informasi Pusat Data pada Instansi XYZ)
Keywords:
Information Security, Risk Assessment, Data Center, ISO 27005, NIST SP 800-30
Abstract
Information security is a critical aspect of protecting an organization's essential assets, including data centers that store and process sensitive information. The XYZ Agency, responsible for managing public finances, places a high priority on maintaining data confidentiality, integrity, and availability. Therefore, information security needs to be improved through a risk assessment of the assets located in the XYZ Agency Data Center. This research aims to evaluate information security risks at the XYZ Agency Data Center using the ISO 27005:2018 and NIST SP 800-30 frameworks. The assessment was performed through qualitative analysis involving interviews, internal document review, and observation. The findings revealed 111 identified risks, categorized as 48 very low risks, 50 low risks, 9 medium risks, and 4 high risks. Among these, 13 risks (4 high risks and 9 medium risks) require mitigation. Mitigation efforts should prioritize seven data center assets with medium and high risks, namely application server assets, database servers, virtual host servers, agency service applications, agency service data, virtual server staffing applications, and staffing applications.
Published
2025-06-28
Section
Articles
How to Cite
Artie, H. Z., Hilman, M., & Yazid, S. (2025). Penilaian Risiko Keamanan Informasi Pusat Data pada Instansi XYZ. Jurnal Informatika Ekonomi Bisnis, 7(2), 270-276. https://doi.org/10.37034/infeb.v7i2.1160
This work is licensed under a Creative Commons Attribution 4.0 International License.


















