Measuring effectiveness of control of information security management system based on SNI ISO/IEC 27004: 2013 standard
Aldya A.P.a, Sutikno S.b, Rosmansyah Y.b
a Informatics Engineering Siliwangi University, Indonesia
b School of Electrical Engineering and Informatics, Institute Technology of Bandung, Indonesia

Abstract

© Published under licence by IOP Publishing Ltd.

One of the keys to the successful implementation of information security management in an organization is the selection and implementation of information security management system controls that are sound and match the needs of the organization. These controls can be adopted from the ISO/IEC 27001: 2013 standard document. To ensure the success of information security controls, it is necessary to measure the effectiveness of each control applied. SNI ISO/IEC 27004: 2013 is a standard that provides guidance on the development and use of measures and measurements to assess the effectiveness of controls and control groups in the information security management system as stated in the ISO/IEC 27001 standard. Carrying out the measurement process, however, requires measurement objects, attributes and metrics, which are not explained in detail in the ISO/IEC 27004: 2013 standard.

This study aims to assist in measuring the effectiveness of information security management controls by generating the flow of steps for determining the measurement objects, the measurement parameters and the metrics used, based on the provisions contained in the ISO/IEC 27004: 2013 standard.

Author keywords

Control groups, Information security controls, Information security management systems, Information security managements, ISO/IEC, Measurement parameters, Measurement process, Standard documents

DOI

https://doi.org/10.1088/1757-899X/550/1/012020