{"title":"Information Security Governance and Management Capability Assessment: A Lesson Learned from Directorate General of Taxes","authors":"Bandi Ashari","doi":"10.17933/JPPI.2020.100102","DOIUrl":null,"url":null,"abstract":"The information has an important role in improving the business operation and serving the decision-making process. The emerging of e-commerce and e-government require more frequent data exchanges included sensitive data. This study will focus on looking at the portrait of the Directorate General of Tax (DGT) in planning and building the ability to enforce IT governance, especially those related to information security. In addition, this research can also be used as a DGT basis for continuous improvement. We use the ISGM capability model to combine COBIT 5 and ISO 27001 as an approach to measure the capability of organizations in governing and manage their information security. We found that DGT’s information security governance and management capability at overall is at level well defined. Almost of ISGM building blocks has been established according to tailor-made policy and standard. With this capability level, DGT’s ISGM could contribute to the business as shown in several DGT’s program. But, to get optimal value from ISGM DGT need to improve the capability level, especially related to organizational aspects like alignment with business strategies and resource management.","PeriodicalId":31332,"journal":{"name":"Jurnal Penelitian Pos dan Informatika","volume":" ","pages":""},"PeriodicalIF":0.0000,"publicationDate":"2020-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Jurnal Penelitian Pos dan Informatika","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.17933/JPPI.2020.100102","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 1
Abstract
The information has an important role in improving the business operation and serving the decision-making process. The emerging of e-commerce and e-government require more frequent data exchanges included sensitive data. This study will focus on looking at the portrait of the Directorate General of Tax (DGT) in planning and building the ability to enforce IT governance, especially those related to information security. In addition, this research can also be used as a DGT basis for continuous improvement. We use the ISGM capability model to combine COBIT 5 and ISO 27001 as an approach to measure the capability of organizations in governing and manage their information security. We found that DGT’s information security governance and management capability at overall is at level well defined. Almost of ISGM building blocks has been established according to tailor-made policy and standard. With this capability level, DGT’s ISGM could contribute to the business as shown in several DGT’s program. But, to get optimal value from ISGM DGT need to improve the capability level, especially related to organizational aspects like alignment with business strategies and resource management.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
