Journal article
Implementation Of The ISO-IEC 27005 In Risk Security Analysis Of Management Information System
NI WAYAN SRI ARIYANI Made Sudarma
Volume : 8 Nomor : 8 Published : 2016, August
Journal of Engineering Research and Applications (IJERA)
Abstrak
The study conducted and explains about analysis result of Security Management Information System (SMKI) at UPT SAMSAT Denpasar. This analysis has purpose to find out the level of SMKI at UPT SAMSAT Denpasar. Framework to be used in this analysis process is the ISO/IEC 27005. Section that wants to be analyze is the main task and function at the Section of Motor Vehicle Tax (PKB) and Motor Vehicle Mutation Charge (BBNKB) and service process performed, in this case is which is done by the staff in the Section of PKB and BBNKB that includes determining tax, to take data of progressive tax, data slot that involves in it, supporting structure and infrastructure and, of course, the stackeholder who involve in the process. The analysis was performed by implemented the ISO/IEC 27005 framework referring to clause 7 and clause 8. Clause 7 of ISO/IEC 27005 in this analysis was performed to the organization structure, obstacles list that influence the organization, reference list of legislative and regulation that valid to the organization. Whereas clause 8 of ISO/IEC 27005 include asset identification, asset appraisal, impact assessment. Analysis result shows that asset list that has the highest risk rate include the main asset those are: the process of coding selection, determining tax, process of determining the progressive tax ownership status, process of determining the progressive tax ownership order, process to repeat data capture of progressive tax, and supporting asset that cover: staff of determination, staff of progressive data capture. Whereas asset list that has the highest threat level include main asset those are: process of tax determination coding selection, process of progressive tax ownership status determination, process of progressive tax ownership order determination, process to repeat data capture of progressive tax, and supporting asset those are: the staff of determination, staff of progressive data capture.