The Design of Information Security Risk Management: A Case Study Human Resources Information System at XYZ University

Agus Anang, Arfive Gandhi, Yudho Giri Sucahyo

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

Abstract

Human Resource Information System (HRIS) as one of the vital information systems at XYZ University, is expected to provide support in accelerating the achievement of XYZ University's strategic goals as a healthy university based on Good University Governance (GUG) through accelerating the provision of relevant, timely, and quality information. However, the management of HRIS is still not in compliance with information security standards, as can be seen from several incidents and the management of these incidents, which are still accidental. The purpose of this study was to obtain a design for HRIS information security risk management. This study uses a qualitative method where data collection is done by interview, observation, and literature review. ISO/IEC 27005:2018 is used as an information security risk assessment, while risk control recommendation uses SNI ISO/IEC 27001:2013. This study resulted in 40 of these risks: 12 High risks, 19 Moderate risks, six Low risks, and three Very Low risks. The results of this study are the design of HRIS's information security risk management at XYZ University.

Original languageEnglish
Title of host publicationProceedings - 2021 4th International Conference on Computer and Informatics Engineering
Subtitle of host publicationIT-Based Digital Industrial Innovation for the Welfare of Society, IC2IE 2021
EditorsIklima Ermis Ismail, Indra Hermawan, Muhammad Yusuf Bagus Rasyidin, Malisa Huzaifa, Asep Taufik Muharram, Noorlela Marcheeta, Dewi Kurniawati, Ade Rahma Yuly, Maria Agustin, Rizki Elisa Nalawati, Dodon Turianto Nugrahadi, Irwan Budiman
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages198-203
Number of pages6
ISBN (Electronic)9781665442886
DOIs
Publication statusPublished - 2021
Event4th International Conference on Computer and Informatics Engineering, IC2IE 2021 - Virutal, Depok, Indonesia
Duration: 14 Sep 2021 → …

Publication series

NameProceedings - 2021 4th International Conference on Computer and Informatics Engineering: IT-Based Digital Industrial Innovation for the Welfare of Society, IC2IE 2021

Conference

Conference4th International Conference on Computer and Informatics Engineering, IC2IE 2021
Country/TerritoryIndonesia
CityVirutal, Depok
Period14/09/21 → …

Keywords

  • HRIS
  • information security risk management
  • SNI ISO/IEC 27001:2013
  • SNI ISO/IEC 27005:2018

Fingerprint

Dive into the research topics of 'The Design of Information Security Risk Management: A Case Study Human Resources Information System at XYZ University'. Together they form a unique fingerprint.

Cite this