Abstract
Information system security is now very important to prevent from an attack. Besides that, low level security can harm the productivity of an organization. The purpose of this research is to ascertain and know the level of information system security in XYZ Company, because it has never conducted an audit information system security. In this research, it used the COBIT 5 framework to audit information security management system in a company based on the ISO 27001 standard. This audit was conducted to identify information system security that was not good. In addition to improving the information security management system that will be adjusted to the ISO 27001 standard. This research was composed by applying a qualitative methodology, observation of the activity in the company and reviews related information security management system literature document existing. For the auditing using COBIT 5 framework, audit focuses on four kinds process that consists of APO12, DSS05, MEA02 dan EDM03. The audit COBIT 5 two results in consisting of “Managed Process” Level on APO12, MEA02 and EDM03 and “Performed Process” level on DSS05. The resulting of this research will be used a reference to the improvement of existing information system security in the company.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callMore From: IOP Conference Series: Materials Science and Engineering
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
