Melwin Syafrizal


Information is the one of important asset for organization or business life, security defense, nation integrity, consumer or public trust. Confidentiality, integrity, and availability of the information have to be guarded. Information can be prepared in any formats such as text, audio visual, as well as video. It can be stored inside computer or other external storage media (such as harddisk, removable memory, CD, DVD, etc). It can be written on paper or other media.

            STMIK  AMIKOM Yogyakarta as growth higher education institution, has much data and important information that have to be good managed, be guarded its confidentiality, integrity, and availability, in other to reserve the right authority data access or information, it couldn’t be modified by some one has no right. Information must be accurate, up to date, and available when required.

            Data collection technique, adjust the standard/guidance from ISO/IEC 27001:2005, pervasive: survey (by examine and verify condition of computer network topology, and information security system), observation and evaluation the information security management system organization which has been exist with standardized theory and method, evaluation and analyze of the information security management system implementation that have been done, monitoring ISMS policy, evaluation and identification, risk possibility that might shown, and improvement effort that have been applied and planned to improve information security system in other to decrease security risk and system failure, literature study to search and discover correct reference as well as documented.



Information, Security, Management System, Standardization, Risk Assessment, Policy.