Hasil Pencarian  ::  Simpan CSV :: Kembali

Hasil Pencarian

Ditemukan 26 dokumen yang sesuai dengan query
cover
Erlangga Al Farozi
Perancangan perjanjian tingkat layanan dan standar proses pengelolaan tingkat layanan teknologi informasi berbasis standar ISO 20000 dan ITIL V3 2011: Studi Kasus PT XYZ = Designing service level agreement and standard of service level management process for information technology based on ISO 20000 Standards and ITIL V3 2011: A Case Study at PT XYZ
"Perkembangan teknologi dewasa ini sangatlah cepat dan telah mengubah sudut pandang maupun rencana strategis perusahaan. Ilmu mengenai teknologi informasi pun sudah mulai merambah sampai ke tingkat stratejik, tetapi masih banyak perusahaan yang belum bisa memetakan perkembangan teknologi informasi dari tingkat stratejiknya. PT XYZ merupakan perusahaan berbasis customer relationship marketing yang memberikan beberapa layanan untuk memenuhi kebutuhan bisnisnya.
Beberapa dari layanan tersebut memiliki permasalahan mengenai kemampuan layanannya. Pihak bisnis banyak mempertanyakan, apakah divisi TI memberikan semua yang dibutuhkan oleh bisnis dan apakah sesuai dengan perjanjiannya, dengan permasalahan ini maka akan dibuat dokumen perjanjian tingkat layanan yang sesuai dengan kebutuhan bisnis yang diharapkan oleh dewan direksi PT XYZ. Namun, beberapa permasalahan tersebut memiliki ukuran-ukuran yang sebelumnya tidak pernah didefinisikan, sehingga tidak dapat menghasilkan sesuatu yang dapat diukur dan dinilai.
Penelitian ini berusaha untuk mengembangkan perjanjian tingkat layanan yang sesuai dengan standar formal yang belum ada di PT XYZ menggunakan standar ISO 20000 dan kerangka kerja ITIL V3 2011 serta mengembangkan ukuran yang dapat diukur dan dinilai. Perjanjian tingkat layanan ini akan berisi 19 bagian yang ditiap-tiap bagiannya akan menyesuaikan karakteristik dari layanan dan perusahaannya.
The development of technology nowadays is very rapid and has changed companies viewpoints and strategic plans. The science of information technology has also penetrated into strategic level, but many companies still haven’t been able to map the information technology development from the strategic level. PT XYZ is a customer relationship marketing based company which gives services to fulfill its business needs.
Some of their services have issues in regards to the service capabilities. The business authorities have been questioning if the IT Division have provided all that is needed by the business according to the agreement. Therefore, a service level agreement document will be made according to the business needs expected by the authorities of PT XYZ. However, some of those issues have measures that have never been defined before, which lead to creating something that cannot be measured and assessed.
This research tries to develop a service level agreement based on formal standard which has not been applied at PT XYZ, using ISO 20000 standard and ITIL V3 2011 framework, and also to develop measurable and assessable measurements. This service level agreement will contain 19 different parts, where each will be customized based on the characteristics of the services and companies themselves."
Depok: Fakultas Ilmu Komputer Universitas Indonesia, 2013
TA-Pdf
UI - Tugas Akhir  Universitas Indonesia Library
cover
Sigit Prasetyo
Perencanaan manajemen risiko keamanan informasi studi kasus aplikasi modul kekayaan negara direktorat jenderal kekayaan negara kementerian keuangan = Information security risk management planning a case study at application module of state asset directorate general of state asset ministry of finance
"Kementerian Keuangan khususnya Direktorat Jenderal Kekayaan Negara (DJKN) merupakan salah satu organisasi yang bertugas untuk melakukan pengelolaan barang milik negara dan melakukan peningkatan pelayanan terhadap stakeholder dengan menggunakan teknologi informasi sebagai elemen pendukungnya. Untuk mewujudkan database nilai kekayaan negara yang kredibel sehingga menjadi informasi eksekutif yang utuh, tepat waktu, akurat, dan dapat digunakan untuk proses pengambilan keputusan bagi pimpinan Kementerian Keuangan maka dibutuhkan suatu perencanaan manajemen risiko keamanan informasi terhadap sistem informasi utama yang mendukung proses bisnis DJKN.
Penelitian ini bertujuan untuk menyusun perencanaan manajemen risiko keamanan informasi untuk DJKN khususnya terhadap aplikasi yang mendukung proses bisnis utama yaitu aplikasi Modul KN dengan menggunakan framework ISO 27005 dan ISO 27002 untuk penanganan pengurangan risiko.
Hasil yang didapat dari penelitian ini adalah perencanaan manajemen risiko keamanan informasi yang berupa dokumen penanganan risiko, rekomendasi kontrol untuk mengurangi risiko dan penerimaan risiko yang berisi tentang keputusan penanganan risiko serta penanggung jawab penanganan risiko.
Ministry of Finance in particular the Directorate General of State Asset (DJKN) is one organization that is tasked to undertake the management of state asset and improved services to stakeholders using information technology as a supporting element. To realize the value database of state asset into a credible executive information intact, timely, accurate and can be used for decision making process for the leadership of the Ministry of Finance then needed an information security risk management plan to the main information systems that support business processes DJKN.
This research aimed to develop an information security risk management plan for DJKN particularly to applications that support key business processes that called state assets module applications using the framework of ISO 27005 and ISO 27002 for risk reduction management.
The results obtained from this research is the information security risk management plan that contains the document mitigation risk, control recommendations to reduce risk and acceptance of risk which contains risk management decisions also the person in charge of mitigation risk."
Depok: Fakultas Ilmu Komputer Universitas Indonesia, 2014
TA-Pdf
UI - Tugas Akhir  Universitas Indonesia Library
cover
Muhamad Hanif Muslim
Evaluasi Pengelolaan Teknologi Informasi Dan Rekomendasi Perbaikan Proses Berdasarkan Kerangka Kerja COBIT 5: Studi Kasus Lembaga Ilmu Pengetahuan Indonesia = The Evaluation of Information Technology Management and Recommendation of Process Improvement Using COBIT 5 Framework: Study Case Indonesian Institute Of Sciences
"Program Reformasi Birokrasi mengharuskan seluruh instansi pemerintah untuk mewujudkan tata kelola pemerintahan yang baik. Salah satu upaya yang dapat dilakukan untuk mewujudkan tata kelola pemerintahan yang baik adalah melalui penerapan Teknologi Informasi (TI)/e-government terintegrasi. Oleh karena itu, penerapan TI perlu dikelola secara efektif sesuai kerangka kerja tata kelola TI. Belum adanya kerangka kerja tata kelola TI di LIPI tidak hanya memberikan dampak permasalahan teknis namun juga berdampak secara sistemik terhadap implementasi TI di Lembaga Ilmu Pengetahuan Indonesia. Untuk itu, penelitian ini fokus pada evaluasi pengelolaan TI di lingkungan LIPI dengan menggunakan kerangka kerja COBIT 5 untuk mengukur tingkat kapabilitas proses TI LIPI sesuai permasalahan yang dihadapi. Kemudian hasil pengukuran tingkat kapabilitas proses TI LIPI digunakan sebagai dasar menyusun rekomendasi perbaikan proses tata kelola TI LIPI. Pengukuran tingkat kapabilitas menggunakan Process Assessment Model (PAM) yang dilakukan terhadap 24 proses yang relevan. Hasil pengukuran menunjukkan bahwa 14 proses berada pada kapabilitas tingkat 1 (performed), dan sisanya sebanyak 10 proses masih berada pada tingkat 0 (incomplete). Rekomendasi perbaikan proses dirumuskan berdasarkan kesenjangan antara hasil pengukuran saat ini dengan target yang ditetapkan. Penentuan prioritas proses perbaikan berdasarkan pemetaan permasalahan (pain point) dan proses COBIT 5 dengan target kinerja pengembangan SI/TI LIPI pada tahun 2018. Hasilnya terpilih 10 proses yang menjadi prioritas perbaikan.
The Bureaucratic Reform Program requires all government agencies to realize good corporate governance. The application of integrated Information Technology (IT) can contribute to the implementation of good corporate governance. Therefore, the implementation of IT needs to be managed effectively according to the IT governance framework. Ineffective IT governance not only has an impact on technical issues but also has a systemic impact on implementation of IT at LIPI. For this reason, in this paper focuses on evaluating IT management by using the COBIT 5 framework to measure IT process capability level of LIPI. The results of IT process capabilities measurement of LIPI are used as a basis for formulating recommendations for improvement of IT governance process. Capability level measurements using the Process Assessment Model (PAM) carried out on 24 relevant processes. The measurement results show that 14 processes are on level 1 capability (performed), and the remaining 10 processes are still at level 0 (incomplete). The recommendations for process improvements are formulated based on the gap between the current measurement results and the set targets. The prioritization of the improvement process are derived based on the pain point and the target of the IT development at LIPI in 2018. The results show that 10 processes were selected as prioritize improvements."
Depok: Fakultas Ilmu Komputer Universitas Indonesia, 2019
TA-Pdf
UI - Tugas Akhir  Universitas Indonesia Library
cover
Muhammad Hanif Muslim
Evaluasi pengelolaan teknologi informasi dan rekomendasi perbaikan proses berdasarkan kerangka kerja COBIT 5: studi kasus Lembaga Ilmu Pengetahuan Indonesia = The Evaluation of information technology management and recommendation of process improvement using COBIT 5 framework: study case Indonesian Institute of Sciences
"Program Reformasi Birokrasi mengharuskan seluruh instansi pemerintah untuk mewujudkan tata kelola pemerintahan yang baik. Salah satu upaya yang dapat dilakukan untuk mewujudkan tata kelola pemerintahan yang baik adalah melalui penerapan Teknologi Informasi (TI)/e-government terintegrasi. Oleh karena itu, penerapan TI perlu dikelola secara efektif sesuai kerangka kerja tata kelola TI. Belum adanya kerangka kerja tata kelola TI di LIPI tidak hanya memberikan dampak permasalahan teknis namun juga berdampak secara sistemik terhadap implementasi TI di Lembaga Ilmu Pengetahuan Indonesia.
Untuk itu, penelitian ini fokus pada evaluasi pengelolaan TI di lingkungan LIPI dengan menggunakan kerangka kerja COBIT 5 untuk mengukur tingkat kapabilitas proses TI LIPI sesuai permasalahan yang dihadapi. Kemudian hasil pengukuran tingkat kapabilitas proses TI LIPI digunakan sebagai dasar menyusun rekomendasi perbaikan proses tata kelola TI LIPI. Pengukuran tingkat kapabilitas menggunakan Process Assessment Model (PAM) yang dilakukan terhadap 24 proses yang relevan. Hasil pengukuran menunjukkan bahwa 14 proses berada pada kapabilitas tingkat 1 (performed), dan sisanya sebanyak 10 proses masih berada pada tingkat 0 (incomplete).
Rekomendasi perbaikan proses dirumuskan berdasarkan kesenjangan antara hasil pengukuran saat ini dengan target yang ditetapkan. Penentuan prioritas proses perbaikan berdasarkan pemetaan permasalahan (pain point) dan proses COBIT 5 dengan target kinerja pengembangan SI/TI LIPI pada tahun 2018. Hasilnya terpilih 10 proses yang menjadi prioritas perbaikan.
The Bureaucratic Reform Program requires all government agencies to realize good corporate governance. The application of integrated Information Technology (IT) can contribute to the implementation of good corporate governance. Therefore, the implementation of IT needs to be managed effectively according to the IT governance framework. Ineffective IT governance not only has an impact on technical issues but also has a systemic impact on implementation of IT at LIPI.
For this reason, in this paper focuses on evaluating IT management by using the COBIT 5 framework to measure IT process capability level of LIPI. The results of IT process capabilities measurement of LIPI are used as a basis for formulating recommendations for improvement of IT governance process. Capability level measurements using the Process Assessment Model (PAM) carried out on 24 relevant processes. The measurement results show that 14 processes are on level 1 capability (performed), and the remaining 10 processes are still at level 0 (incomplete).
The recommendations for process improvements are formulated based on the gap between the current measurement results and the set targets. The prioritization of the improvement process are derived based on the pain point and the target of the IT development at LIPI in 2018. The results show that 10 processes were selected as prioritize improvements."
Depok: Fakultas Ilmu Komputer Universitas Indonesia, 2019
TA-Pdf
UI - Tugas Akhir  Universitas Indonesia Library
cover
Dian Ikasari
Perancangan tata kelola keamanan informasi berdasarkan Information Security Management System (ISMS) ISO/IEC 27001:2005 untuk pengelolaan data migas yang dikelola oleh pihak ketiga: studi kasus Pusat Data dan Teknologi Informasi Energi dan Sumber Daya Mineral = Design of information security overnance based on Information Security Management System (ISMS) ISO/IEC 27001:2005 for oil and gas data management that are managed by third parties: a case study at Data and Information Technology Center for Energy and Mineral Resource / Dian Ikasari
"[Minyak dan gas bumi (migas) merupakan sumber daya alam yang sangat strategis bagi Indonesia. Karena hingga saat ini sektor migas masih menjadi salah satu tulang punggung perekonomian nasional, sumber penerimaan dan devisa negara, bahan bakar bagi industri, mendorong investasi, penyerapan tenaga kerja, pemenuhan energi domestik dan peningkatan kemampuan sumber daya manusia serta sumber pengembangan ekonomi daerah. Oleh karena itu, pengelolaan data migas yang baik, akurat, lengkap dan aman akan membantu pemerintah dalam pengambilan keputusan dan kebijakan bidang migas. Karena keterbatasan sumber daya manusia, sarana, dan prasarana, hingga saat ini Pusdatin ESDM bekerja sama dengan pihak ketiga dalam pengelolaan data migas. Namun dalam menjalin kerja sama tersebut, Pusdatin ESDM belum memiliki tata kelola keamanan infomasi yang dibutuhkan untuk mendukung keamanan data dan informasi migas.
Berdasarkan hal tersebut, jelas bahwa permasalahan di Pusdatin ESDM terkait keamanan informasi pada pengelolaan data migas adalah aspek kerahasiaan, integritas, dan ketersediaan informasi dan data migas belum didukung secara optimal. Sehingga perlu dikembangkan tata kelola keamanan informasi yang sesuai bagi Pusdatin ESDM untuk pengelolaan data migas yang dikelola pihak ketiga.
Penelitian ini membahas perancangan tata kelola keamanan informasi untuk pengelolaan data migas yang dikelola oleh pihak ketiga, dengan menggunakan standar keamanan informasi ISO/IEC 27001:2005. Melalui pendekatan penilaian risiko, dipilih sasaran pengendalian dan pengendalian ISO/IEC 27001:2005 yang sesuai untuk pengelolaan data migas. Berdasarkan sasaran pengendalian dan pengendalian terpilih, dikembangkan tata kelola keamanan informasi untuk pengelolaan data migas yang dikelola oleh pihak ketiga. Dalam hal pemetaan peran dan tanggung jawab keamanan informasi, digunakan konsep RACI pada kerangka kerja OMBOK (Outsourcing Management Body of Knowledge).
Hasil penelitian ini didapat rancangan tata kelola keamanan informasi yang sesuai bagi Pusdatin ESDM dalam melaksanakan pengelolaan data migas yang hingga saat ini bekerja sama dengan pihak ketiga.;Oil and gas is a natural resource that is very strategic for Indonesia. Nowadays, oil and gas sector remains one of the backbone of the national economy, source of revenue and foreign exchange, fuel for industry, encourage investment, employment, fulfillment of domestic energy and upgrading of human resources, as well as a source of regional economic development. Therefore, good, accurate, complete and safe data management will assist the government in making decisions and policies of oil and gas fields. Due to limited human resources, facilities, and infrastructure, Pusdatin ESDM (Data and Information Technology Center for Energy and Mineral Resource) cooperate with third parties in oil and gas data management. However, Pusdatin ESDM do not have any governance to make sure the security of oil and gas information.
It is clear that the information security problem in Pusdatin ESDM for oil and gas data management is the low concern of data confidentiality, integrity, and availability. So it is necessary to develop information security governance suitable for Pusdatin ESDM for oil and gas data management which are managed by third parties.
This study discusses the design of information security governance for oil and gas data management, managed by a third party, by using information security standards ISO/IEC 27001:2005. Through a risk assessment approach, control objectives and control of ISO/IEC 27001:2005 which related to the data management of oil and gas are selected. Based on control objectives and control selected, the information security governance for oil and gas data management that are managed by a third party, are developed and created. In the case of mapping the roles and responsibilities of information security, RACI concept of OMBOK (Outsourcing Management Body of Knowledge) framework is used.
The results of this study is an information security governance design suitable for Pusdatin ESDM in implementing oil and gas data management managed by third parties., Oil and gas is a natural resource that is very strategic for Indonesia. Nowadays, oil and gas sector remains one of the backbone of the national economy, source of revenue and foreign exchange, fuel for industry, encourage investment, employment, fulfillment of domestic energy and upgrading of human resources, as well as a source of regional economic development. Therefore, good, accurate, complete and safe data management will assist the government in making decisions and policies of oil and gas fields. Due to limited human resources, facilities, and infrastructure, Pusdatin ESDM (Data and Information Technology Center for Energy and Mineral Resource) cooperate with third parties in oil and gas data management. However, Pusdatin ESDM do not have any governance to make sure the security of oil and gas information.
It is clear that the information security problem in Pusdatin ESDM for oil and gas data management is the low concern of data confidentiality, integrity, and availability. So it is necessary to develop information security governance suitable for Pusdatin ESDM for oil and gas data management which are managed by third parties.
This study discusses the design of information security governance for oil and gas data management, managed by a third party, by using information security standards ISO/IEC 27001:2005. Through a risk assessment approach, control objectives and control of ISO/IEC 27001:2005 which related to the data management of oil and gas are selected. Based on control objectives and control selected, the information security governance for oil and gas data management that are managed by a third party, are developed and created. In the case of mapping the roles and responsibilities of information security, RACI concept of OMBOK (Outsourcing Management Body of Knowledge) framework is used.
The results of this study is an information security governance design suitable for Pusdatin ESDM in implementing oil and gas data management managed by third parties.]"
2015
TA-pdf
UI - Tugas Akhir  Universitas Indonesia Library
cover
Elyana Agustin
Pengukuran tingkat kapabilitas tata kelola teknologi informasi dan rekomendasi perbaikan berdasarkan kerangka kerja cobit 5 : studi kasus Pusat Informasi dan Hubungan Masyarakat (PINMAS) Kementerian Agama RI = Capability level measurement it governance improvement and recommendations based on cobit 5 framework : Case study Information and Public Relation Center Ministry of Religious Affairs
"[ ABSTRAK
Kementerian Agama sebagai organisasi pemerintah tentunya fokus pada peningkatan pelayanan masyarakat yang transparan dan akuntabel Oleh karena itu teknologi informasi TI harus dikelola dengan tepat sehingga berimbas pada kualitas layanan kepada masyarakat Untuk mengetahui sejauh mana kinerja TI dikelola dengan baik perlu dilakukan pengukuran tata kelola TI COBIT 5 merupakan kerangka kerja yang digunakan untuk menilai mengukur mengontrol tata kelola dan manajemen TI pada suatu organisasi Kementerian Agama masih memiliki banyak permasalahan dalam pengelolaan TI Pusat Informasi dan Hubungan Masyarakat PINMAS sebagai unit pengelola TI di Kementerian Agama perlu melakukan perbaikan Maka dilakukan penelitian mengenai pengukuran tingkat kapabilitas tata kelola TI di PINMAS dengan kerangka kerja COBIT 5 Pengukuran dilakukan berdasarkan pemetaan tujuan organisasi dan permasalahan TI yang umum terjadi terhadap masing masing proses pada COBIT 5 Dari pengukuran tersebut diketahui bahwa dari 13 proses yang terpilih 10 proses berada pada tingkat kapabilitas level 0 incomplete dan 3 proses berada level 1 ad hoc Hal ini menunjukkan bahwa organisasi masih belum mengetahui permasalahan yang terjadi dan belum mengimplementasikan panduan tata kelola TI berdasarkan COBIT 5 Setelah dilakukan pengukuran kemudian disusun rekomendasi perbaikan serta berdasarkan hasil pengukuran dan target yang ingin dicapai oleh organisasi
ABSTRACT
Ministry of Religious Affairs as government organizations focus on improving public services transparent and accountable Therefore information technology IT should be managed properly to improvement the quality of service IT performance measurement was conducted to determine the extent to which IT governance is managed appropriately COBIT 5 is a framework used to assess measure and control IT management and IT governance in organizations Ministry of Religious Affairs still have a lot of IT governance problems Information and Public Relations Center PINMAS as a IT unit need to make improvements IT governance Therefore necessary to measure capability level in PINMAS based on COBIT 5 framework Measurements were based on the mapping of the enterprise goals and common IT problems in PINMAS of each process in COBIT 5 It is known that 13 process selected 10 are at the level of process capability level 0 incomplete and 3 processes are level 1 ad hoc It showed that organization still do not know the problems that occur and not implement COBIT 5 guidelines After this compiled recommendations for improvement based on the results of measurements and targets by the organization , Ministry of Religious Affairs as government organizations focus on improving public services transparent and accountable Therefore information technology IT should be managed properly to improvement the quality of service IT performance measurement was conducted to determine the extent to which IT governance is managed appropriately COBIT 5 is a framework used to assess measure and control IT management and IT governance in organizations Ministry of Religious Affairs still have a lot of IT governance problems Information and Public Relations Center PINMAS as a IT unit need to make improvements IT governance Therefore necessary to measure capability level in PINMAS based on COBIT 5 framework Measurements were based on the mapping of the enterprise goals and common IT problems in PINMAS of each process in COBIT 5 It is known that 13 process selected 10 are at the level of process capability level 0 incomplete and 3 processes are level 1 ad hoc It showed that organization still do not know the problems that occur and not implement COBIT 5 guidelines After this compiled recommendations for improvement based on the results of measurements and targets by the organization ]"
Fakultas Ilmu Komputer Universitas Indonesia, 2015
TA-PDF
UI - Tugas Akhir  Universitas Indonesia Library
cover
Arfiani Haryanti
Pengukuran tingkat kapabilitas tata kelola teknologi informasi dan rekomendasi perbaikan berdasarkan kerangka kerja cobit 5: studi kasus Badan Kepegawaian Negara = Measurement capability level of information technology governance and improvement recommendations using cobit 5 framework: case study of Badan Kepegawaian Negara (BKN)
"Kemajuan TI merupakan solusi bagi penyelenggara pelayanan publik dalam memenuhi aspek transparansi akuntabilitas dan partisipasi masyarakat Penyelenggaraan layanan publik berbasis TI perlu terus dikembangkan terutama dalam penyelenggaraan pelayanan sehingga memungkinkan tersedianya data dan informasi pada Instansi Pemerintah yang dapat dianalisis dan dimanfaatkan secara cepat akurat dan aman Badan Kepegawaian Negara BKN merupakan salah satu organisasi pemerintahan yang telah menerapkan TI dalam memberikan pelayanan kepada publik Untuk menghadirkan layanan TI yang mendukung tujuan penyelenggaraan pemerintahan diperlukan pemanfaatan TI yang tepat sehingga keberadaan TI menjadi faktor penentu keberhasilan BKN dalam memberikan pelayanan kepegawaian kepada publik
Tujuan dari penelitian ini adalah untuk melakukan pengukuran tingkat kapabilitas tata kelola TI pada Badan Kepegawaian Negara Pengukuran dilakukan dengan menggunakan metode Process Assesment Model PAM pada COBIT 5 Pendekatan pengumpulan data pada penelitian ini adalah menggunakan data primer yang didapat dari wawancara serta data sekunder melalui observasi lapangan dan dokumenDari hasil pengukuran dapat diketahui bahwa sebagian besar tingkat kapabilitas proses proses tata kelola TI di BKN masih berada pada kapabilitas level 0 incomplete
Rekomendasi terhadap perbaikan proses proses tersebut dibuat dengan mengacu terhadap best practise yang disarankan oleh COBIT 5 Rekomendasi utama meliputi pembuatan kebijakan terkait TI pembuatan Standar Operating Procedure SOP untuk aktivitas operasional TI melakukan monitoring dan pelaporan berkala serta mendokumentasikan seluruh aktivitas terkait TI ke dalam bentuk dokumen tertulis
IT progress is a solution for public service providers in meeting the aspects of transparency accountability and community participation Implementation of IT based public services need to be developed especially in the provision of services thus enabling the availability of data and information on Government Agencies which can be analyzed and used quickly accurately and safely Badan Kepegawaian Negara BKN is a government organization that has been implementing IT in providing services to the public To deliver IT services that support the objectives required the use of IT governance right so where IT becomes a critical success factor BKN in providing services to the public employment
The purpose of this research is to evaluate the management of information technology within BKN Measurements were made by using the Process Assessment Model PAM on COBIT 5 Approach to data collection in this research using primary data obtained from interviews and secondary data through observation documents and field observation From the measurement results it can be seen that most of the processes capability levels of IT governance in BKN still at the capability level 0 incomplete
Recommendations for the improvement of these processes was made with reference to the best practices recommended by COBIT 5 The main recommendations include making plans for all IT activities creation of Standard Operating Procedure SOP for IT operational activities making performance measurement monitoring periodically reporting and documenting all activities related to IT in the form of a written document."
Depok: Fakultas Ilmu Komputer Universitas Indonesia, 2015
TA-pdf
UI - Tugas Akhir  Universitas Indonesia Library
cover
Siburian, Nia Wiraniza
Pengukuran tingkat kapabilitas tata kelola teknologi informasi menggunakan kerangka kerja cobit 5: studi kasus Direktorat Metrologi Kementerian Perdagangan = Measurement of information technology governance capability level using cobit 5 framework: a case study on directorate of Metrology of the Ministry of Trade
"Direktorat Metrologi adalah sebuah instansi pemerintahan dibawah naungan Kementerian Perdagangan Guna menunjang pelaksanaan kegiatannya Direktorat Metrologi telah memanfaatkan penerapan teknologi informasi TI Namun pada kenyataannya penerapan dan pengelolaan TI di Direktorat Metrologi saat ini masih kurang optimal dalam mendukung pelaksanaan tugas dan fungsi Banyak faktor yang menjadi penghambat terciptanya tata kelola TI yang baik di Direktorat Metrologi seperti kurangnya SDM TI yang berkualitas belum terarahnya pengelolaan TI kurangnya perencanaan TI yang baik belum adanya sistem pengaduan gangguan layanan TI yang jelas serta kurangnya kontrol internal terhadap pengelolaan TI itu sendiri Berdasarkan permasalahan tersebut dilakukan penelitian yang bertujuan untuk mengukur tingkat kapabilitas tata kelola TI di Direktorat Metrologi dengan menggunakan kerangka kerja COBIT 5 Pengukuran tingkat kapabilitas ini dilakukan dengan metode PAM Process Assesment Model Pengukuran diawali dengan identifikasi permasalahan dan memetakannya terhadap proses proses COBIT 5 yang relevan Selanjutnya dilakukan penilaian terhadap 12 proses COBIT 5 terpilih untuk mengetahui tingkat kapabilitas saat ini serta dilakukan juga penentuan target untuk mengetahui tingkat kapabilitas yang ingin dicapai Hasil pengukuran menunjukkan bahwa tingkat kapabilitas proses proses TI di Direktorat Metrologi sebagian besar berada pada level 0 incomplete Dari hasil pengukuran tingkat kapabilitas tersebut kemudian ditentukan rekomendasi perbaikan proses proses untuk mencapai tingkat kapabilitas yang diharapkan dimana tingkat kapabilitas target berada pada level 3 established dan 4 predictable Rekomendasi perbaikan disusun berdasarkan kerangka kerja COBIT 5 Perbaikan secara bertahap diperlukan agar kapabilitasnya dapat meningkat secara simultan Rekomendasi yang utama diusulkan meliputi pembuatan Standard Operating Procedure SOP untuk tiap aktivitas TI melakukan pemantauan dan evaluasi secara berkala mendokumentasikan seluruh aktivitas TI serta peningkatan SDM TI dari segi kuantitas dan kualitas Rekomendasi perbaikan ini ditujukan untuk meningkatkan kinerja serta sebagai acuan perbaikan tata kelola TI di masa yang akan datang.
Directorate of Metrology is a government agency under the auspices of the Ministry of Trade To support the implementation of its activities Directorate of Metrology has utilized the application of information technology IT However in reality the implementation and management of IT in Directorate of Metrology is still less than optimal in supporting its tasks and functions Many factors that hamper the realization of good IT governance in Directorate of Metrology such as lack of qualified IT human resources no clear direction of IT management lack of good IT planning no IT service problem complain system and lack of internal controls for the management of IT itself Based on those problems the research aimed to measure the level of IT governance capability in Directorate of Metrology by using the COBIT 5 framework It is done by the method of PAM Process Assessment Model Measurement begins with identified the problems and mapped them to relevant processes of COBIT 5 Then the assessment of the 12 selected processes of COBIT 5 conducted to determine the current level of capability and also the capability level to be achieved The measurement result showed that the capability level of IT processes in the Directorate of Metrology mostly at level 0 incomplete From the measurement result then it determined the improvement recommendations to achieve expected capability level wherein the target capability levels are at level 3 established and 4 predictable Improvement Recommendations are based on the COBIT 5 framework Gradual improvement is needed in order to be able to increase the capability simultaneously The main recommendations proposed include making the Standard Operating Procedure SOP for each IT activity conducting regular monitoring and evaluation documenting all IT activities and improving the quantity and quality of IT human resources This recommendations intended to improve performance and as a reference for the IT governance improvement in the future."
Depok: Fakultas Ilmu Komputer Universitas Indonesia, 2015
TA-pdf
UI - Tugas Akhir  Universitas Indonesia Library
cover
Andri Rivano
Pemanfaatan Computer Forensic pada kegiatan Fraud Risk Management: Studi kasus instansi pemerintah XYZ = Utilization of Computer Forensic in Fraud Risk Management activity: Case study government agency of Indonesia XYZ / Andri Rivano
"[ABSTRAK
Pemanfaatan teknologi informasi (TI), selain membantu suatu instansi pemerintah dalam memotong rantai birokrasi dalam pelaksanaan tugas pokok dan fungsi instansi pemerintah, terkait reformasi birokrasi, juga dapat dimanfaatkan untuk pembenahan instansi pemerintah. Dalam studi kasus ini dimana sudah dicanangkan suatu kegiatan yang bertujuan membenahi organisasi di instansi pemerintah pusat XYZ, atas instruksi Komisi Pengawas XYZ Pada kegiatan pembenahan organisasi XYZ tersebut dilakukanlah penelaahan risiko dalam kegiatan fraud risk management dimana salah satu lingkup kerjanya adalah melakukan fraud risk assesment yang dilakukan dengan bantuan forensic technology. Tujuan menggunakan forensic technology adalah untuk menemukan bukti-bukti digital pada sistem komputer dengan mengandalkan kemampuan forensic technology dalam merekonstruksi data dan informasi dari file yang ada maupun yang sudah dihapus. Dengan demikian forensic technology merupakan alat yang tepat untuk membuktikan compliance (kepatuhan), baik kepatuhan terhadap hukum ataupun terhadap kode etik/norma perusahaan, khususnya korupsi. Pimpinan XYZ juga telah menyadari hal ini dan telah memerintahkan untuk menyusun prosedur penggunaan computer forensic sebagai alat audit internal. Pada karya akhir ini dilakukan uji coba untuk membuktikan (proof of concept) bahwa computer forensic yang telah dimiliki saat ini dapat membantu proses penemuan indikasi pelanggaran kode etik/norma, khususnya korupsi. Hasil dari penelitian ini adalah berupa model computer forensic dalam kegiatan fraud risk management pada proses bisnis XYZ beserta draft standard operating procedure (SOP) terkait pelaksanaan computer forensic.
ABSTRACT
Application of information technology (IT), instead of addition to helping a government agencies in steramlining the bureaucracy in the implementation of the basic tasks and roles of government agencies, relevant bureaucratic reform, also can be used for improvement of government agencies its self. In this case study where already launched an activity that aims to fixing up of government agency of Indonesia XYZ organization, on the instructions of XYZ?s regulatory commission.
In the fixing up the XYZ organization conducted review the risk in order to fraud risk management activity that one of scope of work is to do fraud risk assessment using forensic technology. The aim using forensic technolgy is to identify digital evidence on computer systems by relying on the ability of forensic technology in reconstructing the data and information from existing files or deleted. Thus forensic technology is a good tool for proving compliance (adherence), good adherence to the law or the code of ethics/norms of the company, particularly corruption. Chairs of XYZ has also been aware of this and has been ordered to draw up the use of computer forensic procedures as a tool of internal audit.
In this research conducted trials to prove (proof of concept) that computer forensic that has been held at this time can help the process of the invention indicated violations of the code of ethics/norms, particularly corruption. Results of this research is in the form of a model computer forensic in fraud risk management activity in the business process XYZ and draft of standard operating procedure (SOP) related to the implementation of computer forensic., Application of information technology (IT), instead of addition to helping a government agencies in steramlining the bureaucracy in the implementation of the basic tasks and roles of government agencies, relevant bureaucratic reform, also can be used for improvement of government agencies its self. In this case study where already launched an activity that aims to fixing up of government agency of Indonesia XYZ organization, on the instructions of XYZ’s regulatory commission.
In the fixing up the XYZ organization conducted review the risk in order to fraud risk management activity that one of scope of work is to do fraud risk assessment using forensic technology. The aim using forensic technolgy is to identify digital evidence on computer systems by relying on the ability of forensic technology in reconstructing the data and information from existing files or deleted. Thus forensic technology is a good tool for proving compliance (adherence), good adherence to the law or the code of ethics/norms of the company, particularly corruption. Chairs of XYZ has also been aware of this and has been ordered to draw up the use of computer forensic procedures as a tool of internal audit.
In this research conducted trials to prove (proof of concept) that computer forensic that has been held at this time can help the process of the invention indicated violations of the code of ethics/norms, particularly corruption. Results of this research is in the form of a model computer forensic in fraud risk management activity in the business process XYZ and draft of standard operating procedure (SOP) related to the implementation of computer forensic.]"
2015
TA-Pdf
UI - Tugas Akhir  Universitas Indonesia Library
cover
Dzikril Hakim Nur Hisyam
Audit kepatuhan keamanan informasi dengan menggunakan framework ISO 27001/ISMS: Studi kasus PT XYZ = Information security compliance audit with ISO 27001/ISMS framework: Case study PT XYZ
"Perkembangan teknologi informasi mempunyai risiko yang cukup signifikan terhadap suatu perusahaan. Selain dapat mempermudah dan mempercepat proses bisnis tetapi juga dapat membawa risiko dan ancaman terhadap perusahaan. Untuk itu diperlukan kontrol yang dapat memitigasi atau bahkan dapat menghilangkan risiko yang ada, sehingga teknologi informasi yang diterapkan organisasi dapat mendukung sepenuhnya kepentingan organisasi. Hal ini bertujuan agar teknologi informasi memberikan manfaat bagi organisasi.
Kondisi saat ini PT. XYZ telah melakukan berbagai usaha untuk dapat memitigasi atau bahkan menghilangkan risiko keamanan informasi yang ada, tetapi karena belum adanya kerangka kerja yang digunakan sehingga sulit bagi PT. XYZ untuk mengukur dan menjalankan keamanan informasi secara optimal.
Mengacu pada kondisi dan permasalahan di organisasi tersebut, maka perlu adanya evaluasi keamanan informasi untuk mengukur sejauh apa usaha PT. XYZ telah menerapkan keamanan informasi dan kontrol-kontrol apa yang perlu ditambahkan atau diperbaiki agar usaha PT. XYZ dalam menerapkan keamanan informasi menjadi optimal.
Pada penelitian ini menggunakan Framework ISO 27001:2005/ISMS. Melalui pendekatan audit keamanan informasi dengan menggunakan assessment checklist ISO 27001 dan penilaian risiko, dipilih sasaran perbaikan berdasarkan kontrol ISO 27001. Kontrol-kontrol ini nantinya diharapkan dapat memitigasi atau bahkan menghilangkan dampak yang ditimbulkan dari ancaman dan kerawanan yang ada dilingkungan organisasi PT. XYZ.
The development of information technology has a significant risk of a company. Besides being able to simplify and speed up business processes but can also bring risks and threats to the company. It is necessary to control that can mitigate or even eliminate existing risks, so that the applied information technology organizations can support fully the interests of the organization. It aims to provide the benefits of information technology to the organization.
Current conditions PT. XYZ has made various efforts to mitigate or even eliminate the risk of information security, but because of the absence of a framework used so difficult for PT. XYZ to measure and run an optimal information security.
Referring to the conditions and problems in the organization, hence the need for information security evaluation to measure the extent to which PT. XYZ has implemented information security and controls what needs to be added or improved in order PT. XYZ in implementing information security to be optimal.
In this study, using the Framework ISO 27001: 2005 / ISMS. Through approach to information security audit using a checklist ISO 27001 assessment and risk assessment, have been targets for improvement based on the control of ISO 27001. These controls might be expected to mitigate or even eliminate the impact of threats and vulnerabilities that exist within the organization PT. XYZ. "
Depok: Fakultas Ilmu Komputer Universitas Indonesia, 2015
TA-Pdf
UI - Tugas Akhir  Universitas Indonesia Library
<<   1 2 3   >>