INFORMATION SECURITY RISK MAPPING IN THE RUDAL DEVELOPMENT PROCESS USING ISO 27001: 2013 AND ISO 31000: 2018 CASE STUDY: BALITBANG KEMHAN
For a government or private institution, information is a very valuable data asset, R&D Ministry of defence is an organization that conducts research and development in the field of defense, one of which is implementing missile development activities. To achieve the objectives in carrying out th...
Saved in:
| Main Author: | |
|---|---|
| Format: | Theses |
| Language: | Indonesia |
| Online Access: | https://digilib.itb.ac.id/gdl/view/36721 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Institut Teknologi Bandung |
| Language: | Indonesia |
| Summary: | For a government or private institution, information is a very valuable data asset, R&D Ministry of defence is an organization that conducts research and development in the field of defense, one of which is implementing missile development activities. To achieve the objectives in carrying out the functions of the Research&development organization, a risk management is needed to direct and control the organization in managing risks that may occur, in developing and developing the R&D Ministry of defence information system, confidentiality, data availability, integrity and authenticity must be maintained so that all data is not leak to other parties. These developments and problems gave birth to several methodologies to identify the risk of possible damage to information systems that might occur, predict the magnitude of the losses that might occur and in the end the analysis can be used to build strategies for handling and controlling the risks faced. In securing information,
especially in the R&D Ministry of Defence organization, the Government has issued Regulation of the Minister of Defense of the Republic of Indonesia Number 68 of 2014 concerning Information Security within the Ministry of Defense and the Indonesian Armed Forces, in information security risk analysis on missile development using ISO 27001: 2013 and ISO 31000 : 2018, so as to produce information security policy documents and guidance documents on the implementation of information security that can be used by the organization |
|---|