Evaluasi Keamanan Informasi di Lingkungan Rumah Sakit: Pendekatan Audit ISO 27001 di RS Rahman Rahim Sidoarjo
关键词:
Audit, ISO 27001, Uji Kematangan摘要
The development of technology and information systems has now grown rapidly and has penetrated various aspects of human life. Starting from education, government, health, to trade, technology has been implemented to help their business processes. One area that is important to protect from these risks is the health sector. The institutions responsible in this field are hospitals that provide health services to the community. Rahman Rahim Hospital is a type D general hospital located in Kebonagung Village, Sukodono District, Sidoarjo Regency. Rahman Rahim Hospital has implemented a Hospital Management Information System (SIMRS). This needs to receive more attention, considering that health assets are a vital component for maintaining the smooth operational processes of hospitals. Serious and continuous action in protecting health assets can increase the security of health assets in order to protect patient rights and maintain the integrity of hospitals. Information system audits are carried out using the ISO/IEC 27001 framework. Implementation of ISO/IEC 27001 protects all aspects of information security, namely confidentiality, integrity and availability. This results in a maturity level index of 2.46 which is at the Planned and Tracked level. The gap obtained from the average objective control calculation is 2.5.
参考
S. Dwiasnati and R. R. Hidayat, “Penerapan Manajemen Risiko Menggunakan COSO: Enterprise Risk Management Framework Integrated Pada PT ALPHANET,” J. Tata Kelola dan Kerangka Kerja Teknol. Inf., vol. 8, no. 2, pp. 66–72, 2022, doi: 10.34010/jtk3ti.v8i2.7845.
Amri Hairul, Haryada Alwi Awilo, Abdi Kairul, and Ikhwan Ali, “Manajemen Resiko Keamanan Aset Informasi Pada Puskesmas Pancur Batu Tuntungan,” J. Sains Dan Teknol., vol. 3, no. 1, pp. 141–150, 2023.
A. A. Ipungkarti, “Penerapan IT Security Awareness Standar Keamanan ISO 27001 Di BPJS Ketenagakerjaan Kantor Cabang Purwakarta,” J. Media Infotama, vol. 19, no. 1, pp. 103–110, 2023, doi: 10.37676/jmi.v19i1.3481.
M. Bakri and N. Irmayana, “Analisis Dan Penerapan Sistem Manajemen Keamanan Informasi SIMHP BPKP Menggunakan Standar Iso 27001,” J. Tekno Kompak, vol. 11, no. 2, p. 41, 2017, doi: 10.33365/jtk.v11i2.162.
D. Akbar, S. Mulia, W. Ningrum, and ..., “Audit Sistem Informasi Pengantaran Barang Pada PT Samudera Arkan Nusantara Menggunakan Framework COBIT 4.1,” … Nat. Sustain., vol. 2, no. 1, pp. 34–38, 2022, [Online]. Available: http://journal.uvers2.ac.id/index.php/jodens/article/view/74%0Ahttp://journal.uvers2.ac.id/index.php/jodens/article/download/74/52
E. Riana, M. E. S. Sulistyawati, and O. P. Putra, “Analisis Tingkat Kematangan (Maturity Level) Dan PDCA (Plan-Do-Check-Act) Dalam Penerapan Audit Sistem Manajemen Keamanan Informasi Pada PT Indonesia Game Menggunakan Metode ISO 27001:2013,” J. Inf. Syst. Res., vol. 4, no. 2, pp. 632–640, 2023, doi: 10.47065/josh.v4i2.2552.
R. Molly and M. Itaar, “Analisis Pemanfaatan Sistem Informasi Manajemen Rumah Sakit (SIMRS) Pada RRSUD DOK II Jayapura,” J. Softw. Eng. Ampera, vol. 2, no. 2, pp. 95–101, 2021, doi: 10.51519/journalsea.v2i2.127.
P. Februari and F. Fitria, “Audit Sistem Keamanan Informasi Menggunakan ISO 27001 pada SMKN 1 Pugung, Lampung,” POSITIF J. Sist. dan Teknol. Inf., vol. 5, no. 2, p. 97, 2019, doi: 10.31961/positif.v5i2.833.
I. Mantra, A. Abd. Rahman, and H. Saragih, “Maturity Framework Analysis ISO 27001: 2013 on Indonesian Higher Education,” Int. J. Eng. Technol., vol. 9, no. 2, p. 429, 2020, doi: 10.14419/ijet.v9i2.30581.
##submission.downloads##
已出版
##submission.howToCite##
期
栏目
##submission.license##
##submission.copyrightStatement##
##submission.license.cc.by4.footer##
