CONTROL DESIGN OF INFORMATION SECURITY RELATED TO PRIVACY IN THE SMART SIM BUSINESS PROCESS
Korlantas Polri has the main task as a supervisor and organizer of traffic functions at the central level, currently increasing its digitization capabilities, one of which is Smart SIM. This card has the advantage of integrating data such as traffic accident data, traffic violation data, police f...
Saved in:
| Main Author: | |
|---|---|
| Format: | Theses |
| Language: | Indonesia |
| Online Access: | https://digilib.itb.ac.id/gdl/view/54084 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Institut Teknologi Bandung |
| Language: | Indonesia |
| Summary: | Korlantas Polri has the main task as a supervisor and organizer of traffic functions
at the central level, currently increasing its digitization capabilities, one of which is
Smart SIM. This card has the advantage of integrating data such as traffic accident
data, traffic violation data, police forensic data, and electronic money. Of course,
with these advantages, there are security holes that might occur if they do not have
a standard that fits the Smart SIM's needs. The security discussed in this study is
related to the driver's privacy data security factor, which must always be maintained
so that all data is not spread and misused by irresponsible parties. In achieving the
expected objectives, this research needs to be carried out to implement the
appropriate standardization of information systems in its development. These
developments and problems create several standards to identify possible data
privacy risks that may occur. The standards set in this study use ISO/IEC 27001:
2013 and ISO/IEC 27701: 2019. ISO/IEC 27701: 2019 (Privacy Information
Management System) is an extension to privacy from ISO/IEC 27001:2013
(Information Security Management System) that organization can use even without
regard to location and measuring and regardless of whether it acts as a Personally
Identifiable Information (PII) controller, PII processor or both. Using DRM (Design
Research Methodology), the result of this research is an information security
control design that is assessed from the results of risk assessment and Smart SIM
information security policy and procedure documents to maintain the privacy of
driver data on Smart SIM. The control chosen is based on the results of the risk
assessment from Annex A ISO/IEC 27001: 2013 and ISO/IEC 27701: 2019. |
|---|