Title :
Model design of information security governance assessment with collaborative integration of COBIT 5 and ITIL (case study: INTRAC)
Author :
Kusumah, Perdana ; Sutikno, Sarwono ; Rosmansyah, Yusep
Author_Institution :
Sch. of Electr. Eng. & Inf., Bandung Inst. of Technol., Bandung, Indonesia
Abstract :
Management of information without regard to risk the achievement of enterprise goals can have an impact on organizational performance, financial loss or organization´s credibility. The risk control for the negative effects and utilization of chance in achieving enterprise goals is called information security. Information security are generally solved by partial and limited. It also happens to INTRAC that apply only management area of information security by adopting ISO/IEC 27001:2009 and ISO/IEC 27002:2005. This study aims to develop process assessment model that support the implementation of information security governance on an organization. The method used in this study is qualitative method. Based on the validation by expert judgment, information security governance model has been prepared in accordance with the requirements of information security, particularly in the INTRAC.
Keywords :
business data processing; security of data; COBIT 5; INTRAC; ITIL; collaborative integration; information security governance assessment; process assessment model; Decision support systems; IEC standards; ISO standards; Information security; Organizations; IT-related goals; enablers; enterprise goals; governance processes; information security; process assessment model; process management; process reference model; risk; service management system;
Conference_Titel :
ICT For Smart Society (ICISS), 2014 International Conference on
Conference_Location :
Bandung
DOI :
10.1109/ICTSS.2014.7013193
