Audit Sistem Keamanan TI Menggunakan Domain DSS05 Pada Framework COBIT 5 (Studi Kasus: Diskominfo Kabupaten Karawang)

Abstract

Abstrak—Keamanan informasi pada era digital sangat penting, sehingga menjadi masalah penting bagi perusahaan, organisasi, serta lembaga pemerintahan. Dinas Komunikasi serta Informatika Kabupaten Karawang didirikan berdasarkan Peraturan Daerah No.14 pada Tahun 2016 mengenai Pembentukan serta Susunan Perangkat Daerah Kabupaten Karawang. Pemanfaatan teknologi informasi sudah diterapkan dalam sistem keamanan informasi pemerintah Kabupaten Karawang. namun dalam mewujudkan hal itu, belum sepenuhnya berhasil dalam pengambilan nilai serta manfaatnya. Riset ini mempunyai tujuan untuk melakukan evaluasi keamanan sistem informasi yang telah diimplementasikan pada institusi untuk menilai level kapabilitas menggunakan domain DSS05 pada COBIT 5. Metode yang dipakai yaitu Assesment Process Activities COBIT 5 antara lain Initiation Programme, Define Problems and Opportunities, Data Collection, Data Validation serta Process Atribut Level. Hasil riset ini didapatkan nilai kapabilitas 3,4 (as is) serta 4.1 (to be) maka proses yang telah diimplementasikan secara garis besar tercapai. Pada domain DSS05 mendapatkan capaian sebesar 92% berarti pada proses atribut 3.1 process definition tercapai penuh, sehingga penilaian dapat dilanjutkan ke level berikutnya yaitu (PA) 3.2 Process Deployment.Abstract—Information security in the digital era is very important, so it becomes a critical problem for enterprise, organizations and governments. The Communication and Informatics Office of Karawang Regency was formed based on Peraturan Daerah No. 14 of 2016 concerning the Formation and Composition of the Karawang Regency Regional Apparatus. Information technology is already implememted in the information security system of the Karawang Regency government. However, in realizing this, the value and benefits have not been fully succeeded. This study aims to evaluate the security of information systems that have been implemented in institutions to assess Capability Level using the DSS05 domain at COBIT 5. The method used is the Assessment Process Activities of COBIT 5, including Initiation Program, Define Problems and Opportunities, Data Collection, Data Validation and Process Attribute Level. The results of this study obtained the capability value of 3,4 (as is) and 4.1 (to be) of the two values, so the process that has been implemented in outline is achieved. In the DSS05 domain, the achievement was 92%, meaning that the 3.1 process definition attribute process was fully achieved, so that the assessment could be continued to the next level, namely (PA) 3.2 Process Deployment.