ABSTRAK Tesis ini mencoba menganalisis sistem manajemen pangarnanan informasi padaMerchant Bank Permata, atas terjadinya peristiwa fraud banking melalui mesinelektronik darn capture di Merchant Bank Permata yang telah dilaporkan di PoldaMetro Jaya pada 12 April 2010. Penelitiannya menggunakan penelitian kualitatif,clengan teknik pengumpulan data melalui wawancara mendalam, pengamatan, danstudi dokumen. Wawancara mendalam difokuskan terhadap sistem manajemenpengamanan pada proses akuisisi Merchant Bank Permata dan alur transaksielektronik melalui mesin EDC di Merchant Bank Permata, faktor-faktor yangmempengaruhi terjadinya fraud Banking di Merchant Bank Permta, serta upayauntuk memperbaikinya. Sedangkan pengamatan di fokuskan terhadap caramelakukan transaksi elektronik dimulai dari transaski on-line, ojllfne, settlement danpayment. Selanjutnya studi doklmien difokuskan pada berkas perkarajraud bankingyang dilaporkan di Polda Metro Jaya dan Standar operasional prosedur Sistemmanajernen pengamanan informasi pada Merchant Bank Permata. Hasii penelitianmembuktikan sistem manajemen pengamananan informasi di Merchant BankPermata, tidak memilki sistem yang baik, karena pada proses akuisisi merchantinfomnasi atau data tidak memenuhi aspek integritas, kerahasian, dan ketersediaan,begitu pula pada proses transaksi elektronik. Hal ini dipengaruhi faktor manusia,proses atau sistem, dan teknologi sistern manajemen pengamanan infomiasi. Adapuncara untuk memperbaikinya pada proses akuisisi merchant harus ada bagian atau unityang menganalisa pemohon merchant dan pada proses transasksi elektronikmenambah sistem untuk mengalisa vatiditas dimulai dari transaksi on-line, of-line,dan settlement, yaitu menambah sistem terminal transaction line. Abstract This thesis attempts to analyze information security management system on BankPermata in regard with the case of fraud banking through electronic data capturemachine at Bank Permata?s merchants which was reported to Jakarta MetropolitanPolice on 12 April 2010. This research exercised a qualitative approach which datawere collected through in-depth interview, observations and document study. The in-depth interview focussed on security management system during the acquisition ofBank Permata?s merchants and electronic transaction chart through electronic datacapture machine at those merchants, factors affecting Iliad banking occurred as wellas all the restoration efforts taken. Observations focussed on the procedure ofelectronic transaction, which started from on line transaction, off line settlement andpayment. Meanwhile, document study focussed on dossiers of fraud banking casesreported to Jakarta Metropolitan Police and Standard Operational Procedure ofinformation Security Management System on Bank Permata?s Merchants. Thisresearch finds that the information Security Management System was not well-established since information collected during the acquisition process and electronictransaction process were not qualified in the aspects of integrity, confidentiality andavailability which was affected by Several factors such as the human involved, thesystem it self as well as information security management system technology. Theresearcher proposes, that in order to restore the system, t11ere should be a particularsection dining the acquisition process to analyze merchant requestor?s validity whilstduring the electronic transaction, a terminal encryptions line added to the system toanalyze the validity of information both on-line transaction and off-line settlementas well as the payment. |