Mastering information security through standard implementation

Basri Ahmedi, Aferdita Ibrahimi

Abstract


This paper aims to enhance information security within an organization, considering the perennial concern for security in organizations utilizing ICT applications. Educational institutions also exhibit deficiencies in the domain of data security. The adoption of international organization for standardization (ISO) 27001-2013 served to pinpoint potential vulnerabilities and non-compliance with safety standards, aiming to minimize associated risks. Through this framework, an assessment of data security within public educational institutions in our country was conducted, focusing on a public university as a case study. Given the sensitive nature of this field, guidance is provided on identifying security-related issues based on ISO 27001 standards and on-ground situations. Surveys were employed, aligning with the required standards, to scan the prevailing situation. Data from surveys at public academic institution were collected and analyzed using the SPSS application. The findings underscore instances where security protocols can prevent or mitigate abuses, consequently enhancing the overall level of data security. Emphasizing education as a pivotal recommendation, this study advocates for educating personnel who handle sensitive data, derived from the application of these standards. This paper accounts for potential risks that could expose organizational weaknesses and thoroughly elucidates the steps and procedures undertaken in this approach, substantiated by illustrated examples.

Keywords


Cybersecurity; Data security keyword; ISO; Risk management; Standards

Full Text:

PDF


DOI: http://doi.org/10.11591/ijict.v13i3.pp428-435

Refbacks

  • There are currently no refbacks.


Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.

The International Journal of Informatics and Communication Technology (IJ-ICT)
p-ISSN 2252-8776, e-ISSNĀ 2722-2616
This journal is published by the Institute of Advanced Engineering and Science (IAES) in collaboration with Intelektual Pustaka Media Utama (IPMU).

Web Analytics View IJICT Stats