Evaluation of Information Security Readiness Using the KAMI Index 5.0 and ISO/IEC 27001:2022
Copyright policy )Evaluation of Information Security Readiness Using the KAMI Index 5.0 and ISO/IEC 27001:2022
<p><em>Information security evaluation is a crucial process for organizations to assess their level of readiness and to establish clear security management roles and responsibilities. Higher education institutions, such as Tuanku Tambusai University of Heroes, have significant responsibilities in safeguarding sensitive data. The institution maintains extensive records that include students' personal information, academic transcripts, financial data, and information relating to faculty and staff. Given that multiple organizational units access this information, ensuring data protection and compliance with privacy regulations is paramount. This research purposes to assess the readiness and maturity of information security at Tuanku Tambusai Heroes University using the KAMI Index version 5.0, using the ISO/IEC 27001:2022 standard. This assessment covers six information security domains and shows maturity levels ranging from I+ to II, which indicates that the institution is at an early stage of development, with only the fundamental framework established. In addition, the completeness of the ISO/IEC 27001 implementation was assessed as “Unqualified”, with a score of 379, corresponding to maturity levels I+ to II. These findings highlight the need for targeted improvements to meet the requirements for ISO/IEC 27001:2022 certification</em><em>.</em></p><p><strong><em>Key word</em></strong><strong><em>:</em></strong><em> Evaluation; ISO/IEC 27001:2022; Information Security; KAMI Index </em></p><p> </p><p align="center"><strong>Abstrak</strong></p><p>Mengevaluasi keamanan informasi sangat penting bagi organisasi karena membantu menilai tingkat kesiapan keamanan informasi dan menentukan peran dan tanggung jawab manajer keamanan. Institusi pendidikan tinggi, seperti Universitas Pahlawan Tuanku Tambusai, bertanggung jawab untuk menjaga informasi sensitif. Institusi ini menyimpan sejumlah besar data mahasiswa, termasuk rincian pribadi, catatan akademis, informasi keuangan, dan data mengenai dosen dan staf. Karena banyak unit mengakses data ini, sangat penting untuk memastikan perlindungan dan kepatuhannya terhadap peraturan privasi. Studi ini bertujuan untuk menilai kesiapan dan kematangan keamanan informasi di Universitas Pahlawan Tuanku Tambusai menggunakan Indeks KAMI versi 5.0 dan standar ISO/IEC 27001:2022. Evaluasi, yang mencakup enam area keamanan informasi, mengungkapkan tingkat kematangan mulai dari I+ hingga II, yang menandakan bahwa institusi tersebut berada pada tahap awal, dengan hanya kerangka dasar yang tersedia. Lebih jauh, kelengkapan implementasi ISO/IEC 27001 dinilai sebagai "Tidak Memenuhi Syarat," dengan skor 379, juga dalam level I+ hingga II. Hasil ini menunjukkan perlunya perbaikan signifikan dalam tata kelola keamanan informasi untuk memenuhi persyaratan sertifikasi ISO/IEC 27001:2022.</p><p><strong>Kata kunci</strong><strong>:</strong><em> Evaluasi; Indeks KAMI; ISO/IEC 27001:2022; Keamanan Informasi</em></p>
selected citations These citations are derived from selected sources.This is an alternative to the "Influence" indicator, which also reflects the overall/total impact of an article in the research community at large, based on the underlying citation network (diachronically).0 popularity This indicator reflects the "current" impact/attention (the "hype") of an article in the research community at large, based on the underlying citation network.Average influence This indicator reflects the overall/total impact of an article in the research community at large, based on the underlying citation network (diachronically).Average impulse This indicator reflects the initial momentum of an article directly after its publication, based on the underlying citation network.Average
Citations provided by BIP!Popularity provided by BIP!