Hasil Pencarian  ::  Simpan CSV :: Kembali

"ABSTRAKBerkaitan dengan organisasi pemantauan keamanan Cyber nasional untuk publik, Indonesia memiliki tim insiden respon terhadap gangguan dan ancaman keamanan internet ID-SIRTII/CC (Indonesia Security Incident Response Team on Internet Infrastructure coordination centre) yang bertugas melakukan pengamanan pemanfaatan jaringan telekomunikasi berbasis protokol internet di Indonesia dimana menurut Peraturan Menteri nomor 16/PER/M.KOMINFO/10/2010 yang memiliki peran mendukung terlaksananya proses penegakan hukum, menciptakan lingkungan dan pemanfaatan jaringan telekomunkasi berbasis protokol internet yang aman dari berbagai macam potensi ancaman dan gangguan, Mendukung terlaksananya koordinasi dengan pihak pihak terkait di dalam maupun luar negeri dalam upaya pencegahan, pendeteksian, peringatan dini dan mitigasi insiden pada infrastruktur strategis.ID-SIRTII/CC dalam kegiatan operasionalnya mengandalkan TI untuk menunjang fungsi dan tugasnya dalam pelayanan publik. Tingginya tingkat ketergantungan organisasi terhadap TIK diperlukan manajemen risiko TI untuk mengurangi atau memperkecil risiko risiko yang terjadi. Sesuai dengan permen kominfo no.41 tahun 2007 bahwa dalam melakukan tata kelola TI oleh institusi pemerintahan diperlukan manajemen risiko atas keberlangsungan layanan.Pada Karya akhir ini disusun evaluasi terhadap manajemen risiko sistem monitoring ID-SIRTII/CC dengan menggunakan kerangka kerja NIST sp800-30. Perancangannya dimulai dari identifikasi Risiko,Mitigasi Risiko dan Evaluasi terhadap risiko yang ada untuk kemudian mendapatkan rekomendasi kontrol yang diperlukan untuk sistem monitoring ID-SIRTII/CC.

---

ABSTRACTIn connection with the organization of national cyber security monitoring to the public, Indonesia has incident response team to interference and internet security threats named ID-SIRTII/CC (Indonesia Security Incident Response Team on Internet Infrastructure coordination centers). which aims to safeguard the use of internet protocol based telecommunications network in Indonesia where, according to Regulation No. 16 / PER / M.KOMINFO / 10/2010 which has the role of support the implementation of the law enforcement process, creating environmental and utilization of telecommunication networks based on Internet protocols that are safe from various kinds of potential threats and disturbances, Supports implementation in coordination with the relevant parties at home and abroad in the prevention, detection, early warning and mitigation of incidents in strategic infrastructure.ID-SIRTII/CC in its operations rely on IT to support the functions and duties in the publik service. The high level of dependence on ICT organizations IT risk management is needed to reduce or minimize the risk of the risk. In accordance with Kominfo regulation no.41 of 2007 that in performing IT governance by government institutions necessary risk management on the sustainability of the service.At the end of the work is structured evaluation of risk management monitoring system with the ID-SIRTII/CC using sp800-30 NIST framework. Its design starting from risk identification, Risk Mitigation and evaluation of the risks that exist to then get recommendations necessary controls for monitoring systems Of ID-SIRTII/CC."

"Keamanan informasi sudah menjadi prioritas utama dalam organisasi yang modern. Dalam peraturan pemerintah nomor 82 tahun 2012 bahwa penyelenggara sistem elektronik wajib memiliki dan menjalankan prosedur dan sarana untuk pengamanan sistem elektronik. Kemenlu hingga saat ini sudah mempunyai 108 aplikasi, di antara aplikasi tersebut digunakan untuk pengelolaan informasi dalam pelayanan dan perlindungan Warga Negara Indonesia. Terdapat beberapa ancaman yang dapat mengganggu ketersediaan, kerahasiaan maupun keutuhan data atau informasi di lingkungan Kemenlu. Salah satu penyebab terjadinya ancaman dan gangguan tersebut disebabkan karena belum adanya kebijakan keamanan informasi di lingkungan Kemenlu.Penelitian ini mempunyai klasifikasi penelitian studi kasus dan action research. Kerangka kerja yang digunakan dalam perancangan kebijakan keamanan informasi ini menggunakan kerangka kerja ISO/IEC 27001:2013. Wawancara dilakukan pada pejabat-pejabat struktural dan staf teknis pada Pusat Teknologi Informasi dan Komunikasi Kementerian dan Perwakilan PusTIK KP untuk mengambil data kualitatif. Penelitian ini mendapatkan 30 kontrol pada Annex A yang dapat diterapkan dan dijadikan rancangan dokumen kebijakan keamanan informasi pada lingkungan Kementerian Luar Negeri.

---

Information security has become a top priority in modern organizations. In Peraturan Pemerintah number 82 of 2012 that the organizers of electronic systems should have and implemented procedures and tools for securing electronic systems. Kemenlu up to now already has 108 applications, some of the applications are used for information management in the service and protection of Indonesian Citizens. There are several threats that could interfere with the availability, confidentiality and integrity of data or information within the Kemenlu. One of the causes of such threats and disturbances is caused by Kemenlu still don rsquo t have information security policy.

This research has a classification case study and action research. The framework used in the design of this information security policy uses the ISO IEC 27001 2013 framework. Interviews were conducted with structural officials and technical staff at Pusat Teknologi Informasi dan Komunikasi Kementerian dan Perwakilan PusTIK KP to obtain qualitative data. The research found 30 control in Annex A that can be applied and used as draft of information security policy on the environment of the Ministry of Foreign Affairs."

"ABSTRAKBadan Penelitian dan Pengembangan Kesehatan (Badan Litbang Kesehatan) adalah lembaga riset pemerintah di bawah Kementerian Kesehatan. Sebagai lembaga riset pemerintah, Badan Litbang Kesehatan memiliki sejumlah aset informasi untuk mendukung tugas dan fungsi organisasi dalam penelitian dan pengembangan di bidang kesehatan. Selama kurun waktu lima tahun terakhir terjadi banyak insiden keamanan informasi baik dari internal maupun eksternal seperti email phising, perusakan aplikasi, hilang dan rusaknya data akibat ketidaksengajaan, dan lain sebagainya yang mengancam kinerja organisasi. Ancaman-ancaman tersebut membahayakan dan menyebabkan kerugian bagi organisasi seperti kerugian finansial, hilangnya data, atau bahkan hilangnya kredibilitas organisasi.Keamanan informasi adalah upaya melindungi dan mengamankan aset informasi dari ancaman yang membahayakan aset informasi. Upaya perlindungan dan pengamanan aset informasi bukan hanya mengenai penjagaan infrastruktur dan perangkat keras serta perangkat lunak dari eksternal. Salah satu faktor pentingnya adalah faktor sumber daya manusia sebagai internal organisasi yang menjadi mata rantai paling lemah dalam sistem keamanan informasi sehingga kunci dari keamanan informasi adalah pada kesadaran dalam mengamankan informasi. Oleh karenanya, pengukuran tingkat kesadaran keamanan informasi menjadi sangat penting dalam upaya peningkatan keamanan informasi untuk dapat menentukan kebijakan yang tepat di dalam organisasi.Penelitian dilakukan di Badan Litbang Kesehatan yang bertujuan mengukur tingkat kesadaran keamanan informasi pada pegawai. Pengumpulan data dilakukan menggunakan kuesioner yang mengukur dimensi pengetahuan, sikap, dan perilaku dengan fokus area sesuai dengan kebutuhan di internal Badan Litbang Kesehatan. Hasil penelitian menunjukkan tingkat kesadaran keamanan informasi pegawai Badan Penelitian dan Pengembangan Kesehatan berada pada tingkat sedang. Oleh karena itu, perlu dilakukan pengawasan dan evaluasi untuk meningkatkan tingkat

---

ABSTRACTNational Institute of Health Research and Development (NIHRD) is a government research institution under coordination of The Ministry of Health. As a government research institution, NIHRD has a number of information assets to support the duties and functions of organizations in research and development in the health sector. Over the past five years there have been many information security incidents at NIHRD from both internal and external, such as phishing e-mail, application and website destruction, data loss and damage due to accident, etc. that potentially threaten organizational performance. These threats can harm the organization such as financial loss, loss of data, or even loss of organizational credibility.Information security is an effort to protect and secure information assets from threats that can endanger information assets. Efforts to protect and safeguard an organization's information assets from threats are not only about safeguarding infrastructure, hardware and software from outside attacks. One important factor is the factor of human resources as an internal organization which is the weakest link in the information security system, so the key to information security is awareness in securing information. Therefore, measuring the level of information security awareness is very important in efforts to improve information security to be able to determine the right policy in the organization itself.This research will be conducted at NIHRD with the aim to measure the level of information security awareness for employees. Data collection was carried out using a questionnaire that would measure the dimensions of knowledge, attitudes, and behavior in respondents with a focus on information security areas in accordance with the internal needs of NIHRD. The result shows that information security awareness of NIHRD in the middle level. That is why NIHRD needs supervision and evaluation to improve awareness level of its employee.

"

"ABSTRAKBadan Pusat Statistik (BPS) merupakan lembaga non kementrian yang melaksanakan kegiatan statistik. Salah satu sasaran strategisnya adalah meningkatkan jumlah pemasukan dokumen (response rate). Pada tahun 2017, harapannya response rate dari setiap kegiatan sensus dan survei tahun 2017 tercapai 100% dari berbagai metode pengumpulan data baik menggunakan kertas maupun internet. Kenyataannya hanya 62 dari 104 kegiatan sensus dan survei (59,61%) mencapai target. Masalah muncul dari gap antara kenyataan dan harapan, yaitu terdapat 40,39% kegiatan sensus dan survei yang tidak mencapai target. Salah satu akar permasalahan target response rate tidak tercapai karena metode pengumpulan data dengan teknologi e-survey tidak mencapai target response rate yang diharapkan. Penelitian ini bertujuan untuk menganalisis faktor-faktor yang memengaruhi response rate dari e-survey di BPS serta memberikan rekomendasi untuk meningkatkannya. Metode yang digunakan dalam penelitian adalah studi kasus dengan kuantitatif melalui survei dan kualitatif untuk penyusunan rekomendasi. Daftar variabel dan indikator didapat dari hasil literatur yaitu berdasarkan Theory of Planned Behavior, Cognitive Dissonance Theory, Gamification Theory, Social Exchange Theory dan Preference of Device. Daftar variabel dan indikator kemudian divalidasi oleh expert menggunakan Delphi Technique. Pengumpulan data dilakukan kepada perusahaan yang terdaftar memiliki email di Sensus Ekonomi 2016 dan rumah tangga di wilayah rural dan urban Kabupaten Bogor. Hasil pengumpulan data didapat 41 respon perusahaan dan 106 respon rumah tangga yang valid. Analisis data dalam penelitian ini menggunakan Partial Least Squares Structured Equation Model (PLS-SEM). Hasil penelitian menunjukkan faktor yang signifikan berpengaruh secara positif pada responden rumah tangga adalah attitude, legal punishment dan trust, sedangkan faktor yang signifikan berpengaruh secara positif pada responden perusahaan adalah preference of device dan trust.

---

ABSTRACT

Central Bureau of Statistics is a non-ministerial institution that carries out statistical activities. One of the strategic objectives set is to increase in the number of document submissions (response rates). In 2017, it is expected that the response rate of each 2017 census and survey activity will be 100% from various methods of data collection both using paper and the internet. In fact only 62 out of 104 census and survey activities (59.61%) reached the target. The problem arises from the gap between reality and expectations, where there are 40.39% of census and survey activities that do not reach the target. One of the root causes of the target response rate is not achieved because the method of data collection using e-survey technology has not reached the expected target response rate. This study aims to analyze the factors that affect the response rate of e-surveys at Central Bureau of Statistics and provide recommendations for raising it. The method used in this research is a quantitative case study through surveys and qualitative for give recommendations. The list of variables and indicators is obtained from the literature results which are based on Theory of Planned Behavior, Cognitive Dissonance Theory, Gamification Theory, Social Exchange Theory and Preference of Device. The list of variables and indicators is then validated by the expert using Delphi Technique. Data collection was conducted for companies registered with e-mail at the 2016 Economic Census and households in rural and urban areas of Bogor District. The results of data collection obtained 41 company responses and 106 valid household responses. Data analysis in this study used the Partial Least Squares Structured Equation Model (PLS-SEM). The results showed that the factors that have a significant positive effect on household respondents are attitude, legal punishment and trust, while factors that have a significant positive effect on company respondents are preference of devices and trust."

"

Keberhasilan organisasi dalam mencapai tujuan strategisnya tergantung dari banyak faktor, di antaranya adalah

manajemen portofolio proyek, terutama untuk organisasi yang bertipe proyek. PT XYZ sebagai salah satu

organisasi vendor pengembang perangkat lunak yang bertipe proyek, pada tahun 2018/2019 memiliki target profit

sebesar Rp 3 milyar, tetapi mengalami kerugian finansial sebesar Rp 9 milyar. Dalam karya akhir ini dianalisis

penyebab kerugian finansial PT XYZ yang terdiri atas permasalahan multidimensional dari tinjauan teori segitiga

strategis sistem informasi. Permasalahan manajemen portofolio proyek TI termasuk dalam dimensi strategi

organisasi dan terdiri atas komponen-komponen yang mengatur tata kelola proyek. Penelitian ini menggunakan

desain kualitatif dengan model manajemen portofolio proyek TI yang mengacu pada kerangka kerja Management

of Portfolios (MoP) dari Axelos. Wawancara dilakukan terhadap lima pakar dengan spesifikasi sebanding sebagai

bahan masukan untuk melakukan perancangan. Setelah penelitian dilakukan, sebuah rancangan manajemen

portofolio proyek TI proyek yang cocok untuk PT XYZ bisa direkomendasikan yang meliputi dimensi: keselarasan

tujuan strategis, tata kelola, prinsip acuan, siklus hidup & proses, peran PMO, struktur organisasi, budaya

organisasi, dan tools. Harapannya dengan menerapkan manajemen portofolio proyek TI proyek sesuai dengan

usulan solusi dari penelitian ini, PT XYZ diharapkan bisa mencapai target finansialnya.
 

---

The success of an organization in achieving its strategic objectives depends on many factors, including project

portfolio management (PPM). PT XYZ as one of the vendors of software development organization, in 2018/2019

had financial target of Rp 3 billion but suffered financial loss of Rp 9 billion. In this final paper, the analysis of

the causes of financial losses of PT XYZ consists of multidimensional problems from the review of information

systems strategic triangle theory. PPM issues are included in the dimension of organizational strategy. So, to solve

the root problems at PT XYZ, portfolio management needs to be designed in accordance with guidelines of

international best practices. This study uses a qualitative design with a PPM model that refers to Management of

Portfolios (MoP) from Axelos. Interviews have been conducted with five experts with reputable qualification.

After the research is done, a PPM design was proposed for PT XYZ that consist of the following dimensions:

strategic objective alignment, governance, principles, life cycle & processes, PMO role, organization structure,

organization culture, and tools. Hopefully, by implementing the project portfolio management in accordance with

the proposed solutions from this study, PT XYZ can achieve its financial targets.
 

"

"Pedoman Sekretaris Jenderal Kementerian Kominfo tentang Tata Kelola Teknologi Informasi Kementerian Komunikasi dan Informatika yang diperkuat oleh Nota Dinas Sekretaris Jenderal menyebutkan agar satuan organisasi fungsi TI Saturan Organisasi Fungsi TI mewujudkan transparansi atas kualitas setiap layanan TI dengan membuat kesepakatan secara formal dan mendefinisikannya dalam katalog layanan untuk menyepakati tingkat layanan secara selektif yang dapat diberikan dan diterima, namun dari wawancara diketahui bahwa layanan TI untuk kalangan internal di Ditjen SDPPI, saat ini belum memiliki kesepakatan kualitas layanan TI (Service Level Agreement). Penelitian ini berusaha untuk melakukan kategorisasi dan prioritasi layanan TI yang akan dibuatkan SLA, sehingga akhirnya terpilih layanan internet, email, dan web. Dalam menyusun rancangan Service Level Agreement akan digunakan kerangka kerja ITIL V3 2011 yang telah terbukti memiliki keunggulan dan manfaat dalam penerapannya. Metode olah data yang digunakan adalah metode Delphi dengan mengumpulkan dan menilai masukan melalui kuisioner. Untuk menghitung tingkat konsensus digunakan Quartile Deviation (QD), sedangkan untuk menghitung tingkat kepentingan digunakan nilai median.

---

Guidelines on Information Technology Governance from The Secretary General of The Ministry of Communication and Informatics which is supported by the Secretary General Note stated that IT function organization units in the IT Function Organization realize the quality of each IT service by making Service Level Agreements, but from the results of interview there is Service Level Agreement for IT services at internal of the Directorate General of SDPPI.

This research attempts to categorize and prioritize IT services that will be made SLA, so that finally internet, email and web services are chosen. This research used ITIL V3 2011 as framework to design the Service Level Agreement. The usage of ITIL V3 2011 has been proven to have advantages and benefits in its application. The method of using the data used is the Delphi method by collecting and evaluating inputs through questionnaires. To calculate the level of consensus, a quartile deviation (QD) is used, while the median value is used to calculate the level of importance."

"[ ABSTRAKLayanan infrastruktur teknologi informasi TI merupakan salah satu dari sekian faktor yang dapat memberikan keunggulan kompetitif bagi sebuah perusahaan di mana faktor ini sebagai pondasi dasar dari ketersediaan layanan bisnis yang memiliki kemampuan perubahan yang cepat dan tak terduga Perusahaan perlu bereaksi cepat dalam menghadapi masalah maupun peluang dalam memanfaatkan infrastruktur TI tersebut secara optimal Transformasi teknologi yang dicanangkan oleh Finnet merupakan salah satu bentuk reaksi tersebut dengan slogannya ldquo Always On and Global Class Infrastructure rdquo Harapan akan infrastruktur TI di Finnet yang mampu menerapkan transformasi teknologi tersebut sebagai permasalahan yang muncul dan akan dibahas dalam penelitian ini Sebelum melakukan perbaikan perlu dilakukan evaluasi terlebih dahulu untuk mengetahui kondisi saat ini Tahapan evaluasi yang dilakukan penelitian ini dimulai dari penerapan kerangka kerja COBIT 5 yang digunakan untuk memetakan kebutuhan pemangku kepentingan hingga menjadi proses proses yang akan dievaluasi Kerangka kerja ITIL 2011 digunakan untuk memberikan fokus dan detil yang lebih baik terhadap evaluasi layanan infrastruktur TI Standar ISO IEC 15504 tentang Process Assessment digunakan sebagai metode dalam menghitung tingkat kapabilitas proses proses ITIL 2011 tersebut Kombinasi ketiga metode tersebut memberikan dimensi baru akan kemungkinan untuk menerapkan standar pengukuran kematangan COBIT 5 pada ITIL 2011 Rekomendasi perbaikan yang dihasilkan dalam penelitian ini terdiri dari dua deliverable yaitu prioritisasi proses proses yang perlu diperbaiki atau ditingkatkan kapabilitasnya berdasarkan Importance Performance Analysis IPA dan rekomendasi metrik Critical Success Factor CSF dan Key Performance Index KPI berdasarkan ITIL 2011 beserta rekomendasi perbaikan secara generik yang disusun untuk meningkatkan kapabilitas proses yang diteliti

---

ABSTRACT

Infrastructure services of information technology IT is one of the factors that can provide a competitive advantage for a company where this factor as the basic foundation of the availability of business services that have the ability to change quickly and unexpectedly Companies need to react quickly to problems and opportunities in the use of the IT infrastructure optimally Transformation technology launched by Finnet is one form of the reaction with the slogan Always On and Global Class Infrastructure There is vision of IT infrastructure in Finnet to capable of implementing such technology transformation as problems that arise and will be discussed in this study Before doing repairs need to be done prior evaluation to determine current conditions Stages of the evaluation conducted by this study starts from the application of the COBIT 5 framework is used to map the stakeholders needs to be COBIT 5 processes that will be evaluated ITIL 2011 framework is used to provide focus and better detail on the evaluation of IT infrastructure services Standard ISO IEC 15504 on Process Assessment is used as a method to calculate the level of capability of the processes of the ITIL 2011 The combination of these three methods give a new dimension that shows possibility to apply the measurement standard maturity on COBIT 5 to ITIL 2011 Recommendations for improvement generated in this study consisted of two deliverables namely prioritization processes need to be improved or enhanced capabilities based on Importance Performance Analysis IPA and the recommendation metrics Critical Success Factor CSF and Key Performance Index KPI based on ITIL 2011 along with recommendations for improvement generically prepared to increase the capabilities of the processes under this study ;Infrastructure services of information technology IT is one of the factors that can provide a competitive advantage for a company where this factor as the basic foundation of the availability of business services that have the ability to change quickly and unexpectedly Companies need to react quickly to problems and opportunities in the use of the IT infrastructure optimally Transformation technology launched by Finnet is one form of the reaction with the slogan Always On and Global Class Infrastructure There is vision of IT infrastructure in Finnet to capable of implementing such technology transformation as problems that arise and will be discussed in this study Before doing repairs need to be done prior evaluation to determine current conditions Stages of the evaluation conducted by this study starts from the application of the COBIT 5 framework is used to map the stakeholders needs to be COBIT 5 processes that will be evaluated ITIL 2011 framework is used to provide focus and better detail on the evaluation of IT infrastructure services Standard ISO IEC 15504 on Process Assessment is used as a method to calculate the level of capability of the processes of the ITIL 2011 The combination of these three methods give a new dimension that shows possibility to apply the measurement standard maturity on COBIT 5 to ITIL 2011 Recommendations for improvement generated in this study consisted of two deliverables namely prioritization processes need to be improved or enhanced capabilities based on Importance Performance Analysis IPA and the recommendation metrics Critical Success Factor CSF and Key Performance Index KPI based on ITIL 2011 along with recommendations for improvement generically prepared to increase the capabilities of the processes under this study , Infrastructure services of information technology IT is one of the factors that can provide a competitive advantage for a company where this factor as the basic foundation of the availability of business services that have the ability to change quickly and unexpectedly Companies need to react quickly to problems and opportunities in the use of the IT infrastructure optimally Transformation technology launched by Finnet is one form of the reaction with the slogan Always On and Global Class Infrastructure There is vision of IT infrastructure in Finnet to capable of implementing such technology transformation as problems that arise and will be discussed in this study Before doing repairs need to be done prior evaluation to determine current conditions Stages of the evaluation conducted by this study starts from the application of the COBIT 5 framework is used to map the stakeholders needs to be COBIT 5 processes that will be evaluated ITIL 2011 framework is used to provide focus and better detail on the evaluation of IT infrastructure services Standard ISO IEC 15504 on Process Assessment is used as a method to calculate the level of capability of the processes of the ITIL 2011 The combination of these three methods give a new dimension that shows possibility to apply the measurement standard maturity on COBIT 5 to ITIL 2011 Recommendations for improvement generated in this study consisted of two deliverables namely prioritization processes need to be improved or enhanced capabilities based on Importance Performance Analysis IPA and the recommendation metrics Critical Success Factor CSF and Key Performance Index KPI based on ITIL 2011 along with recommendations for improvement generically prepared to increase the capabilities of the processes under this study ]"