Analisis Tingkat Keamanan Informasi: Studi Komparasi Framework Cobit 5 Subdomain Manage Security Services (DSS05) dan NIST Sp 800 – 55

Abstract

Information technology is a very important part of the organization. IT is expected to provide a good profit for the company. However, as technology evolves, it is often exploited by some irresponsible parties that can lead to the emergence of threats and risks from the use of technology. The organization needs to measure the level of information security to identify the system's weaknesses and threats to the organization. Standards for measuring information security are COBIT 5 subdomain manage security services (DSS05) and NIST SP 800-55 revision 1. This study is comparing the two standards. Comparative analysis uses qualitative analysis based on three aspects in information security that are confidentiality, integrity, and availability. Based on the analysis result obtained the advantages and disadvantages of each standard.