Chance Evaluation and Improvement of Get to Control Data Security Administration Based On ISO/IEC 27001 at Telkom University Jakarta Campus

Abstract

The digital-based smart campus system, consisting of components such as the campus application, digital presence with QR code, and campus development dashboard, is one of the services offered by Telkom University Jakarta Campus. In addition, it utilizes artificial intelligence (AI) technology, especially image recognition, to support the Green Campus concept and increase environmental protection efforts, demonstrating the university's dedication to utilizing innovative technologies for a sustainable future. Therefore, the security of information assets is very important. Issues of confidentiality, integrity, and availability can arise if the information security system is not properly managed. This research aims to improve the security information system by conducting a risk assessment using the OCTAVE method. This risk assessment aims to identify the most significant impacts when risks occur and prioritize the most important risks. According to ISO/IEC 27001:2013, safety controls and targets are established. The results of this research are purpose and security management documents, risk management documents, and operational standards of procedures (SOPs). Risk management documents related to information security include risk assessment, risk identification, risk analysis, and evaluation at the campus. Standard Operational Procedures (SOP) documentation includes policy documents, work instructions, and work records that are consistent with the selection of objective controls and security controls for risk management.