Rancangan Tata Kelola Organisasi Sistem Manajemen Keamanan Informasi Dinas Komunikasi dan Informatika Kabupaten Bekasi

Currently, Bekasi Communications and Information Technology Agency (Diskominfo Bekasi) is implementing information security management systems. To measure the implementation process, it conducts a compliance audit process using a framework of ISO / IEC 27001: 2013. Results of the compliance audit indicate that there is a nonconformity issue, in which one of the findings relates to information security organization clause. Information security organization established by Communications and Information Technology Agency has not incorporated the whole role and responsibilities specified in the framework. Therefore, Communications and Information Technology Agency has made some adjustments by developing organization governance design, which specifies the roles and responsibilities required by ISO / IEC 27001: 2013 and those that have been set by Communications and Information Technology Agency regulations. The result of organization governance design of information security management systems at Communications and Information Technology Agency suggests that Communications and Information Technology Agency Head plays a role in one objective control, Head of Division of Technology Standardisation and Communication and Information Technology Application plays a role in five objective controls, the Communication and Information Technolog Application Section plays a role in two objective controls, the Secretariate plays a role in two objective controls, the Information and Communication Technology Infrastructure Section plays a role in five objective controls, and the Information and Communication Technologies Application Section play a role in four objective controls.