STUDY OF ISO/IEC 17799:2005 AS INFORMATION SECURITY CONTROL BASELINE
ISO:IEC 17799:2005 is an information security standard that has been implemented in various organizations around the world. This standard is adopted by organizations in different sizes and core business. ISO 17799:2005 provide 133 information security controls that organization can select based on t...
Saved in:
| Main Author: | |
|---|---|
| Format: | Theses |
| Language: | Indonesia |
| Online Access: | https://digilib.itb.ac.id/gdl/view/12966 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Institut Teknologi Bandung |
| Language: | Indonesia |
| Summary: | ISO:IEC 17799:2005 is an information security standard that has been implemented in various organizations around the world. This standard is adopted by organizations in different sizes and core business. ISO 17799:2005 provide 133 information security controls that organization can select based on their requirement. At the moment, there are three organizations in Indonesia that has been certified for ISO 27001 which is Certification of Information Security.<p>This thesis presents an analysis of 133 controls of ISO 17799:2005 to be selected and recommended as minimum implementation of information security. The methods used are literature study, literature analysis and field observation. Selecting control of ISO 17799:2005 is conducted by analyzing information security condition, implementation of ISO 17799:2005 in few organizations, analysis information security global trend and also discussing with information security expert in several information security forums.<p>Based on the analysis, there are 54 from 133 controls that highly recommend as minimum controls for implementation of information security. |
|---|