Penerapan Sistem Keamanan Informasi Pada Perusahaan PT. XYZ

Abstract

Information is an asset that, like other important assets, has value to an enterprise and consequently needs to be well protected. Information security practices protect information from a wide range of threats in order to guarantee business continuity, minimize business losses, and maximize profit and business opportunities. Information security is achieved by implementing a suitable set of controls, which could be policies, practices, procedures, organizational structures and software functions. These controls need to be established to ensure that specific security objectives of the organization are met. This Final Project produces a set of information security policies for the case of PT. XYZ, which complies with the standard ISO/IEC 17799:2000. These policies are established to meet the needs of PT. XYZ based on scientific studies. The result of this research can be used as a reference for enterprises with similar business domain as PT. XYZ.