DESIGN OF APPLICATION INFORMATION SECURITY SELF-ASSESSMENT USING VBA AND MSXML2.XMLHTTP CASE STUDY: DISKOMINFO KABUPATEN KAMPAR

Abstract

Information security includes the issues that may threaten accountability, reliability, trustworthiness, privacy, authenticity, and trustworthiness of information in an agency. Data and information are very risky things in Information Security, and therefore it is important to do information security governance. The process of evaluating information security using the Index KAMI and ISO 27001: 2013 will be carried out in this study by recording data using Microsoft Excel which has been provided by the National Cyber and Crypto Agency (BSSN). To make it easier to conduct information security assessments and simplify the Excel display, Visual Basic for Applications (VBA) will be utilized as a medium for adding ISO 27001: 2013, then it will be connected using MSXML2.XMLHTTP. The results of the self-assessment carried out show that the Communication, Information, and Signaling Service of Kampar Regency has a level of completeness in implementing the ISO 27001 standard at the "Inadequate" level with a score of 151 only reaching level I+. Meanwhile, the results of the ISO 27001: 2013 Annex control evaluation show that there are still clauses that have not been fulfilled. Therefore, the Communication, Informatics, and Coding Office of Kampar Regency urgently needs improvement in order to fulfill the clauses of ISO 27001: 2013.