SlideShare a Scribd company logo

Usulan untuk wg1 dan wg2 serta kualitas data pada kaminfo 12 agustus 2015

Download as PPTX, PDF
Sarwono Sutikno, Dr.Eng.,CISA,CISSP,CISM,CSX-F
Sarwono Sutikno, Dr.Eng.,CISA,CISSP,CISM,CSX-F

Usulan untuk PRM terkait Kaminfo

Education
1 of 23
1 Usulan Keamanan Informasi dan Sistem Manajemen Layanan serta Kualitas Data Sarwono Sutikno, Dr.Eng.,CISA,CISSP,CISM Anggota PT35-01 Teknologi Informasi PusTIKNas, Ciputat 12 Agustus 2015
Current: • Cybersecurity Nexus Liaison, ISACA Indonesia Chapter • ISACA Academic Advocate at ITB • SME for Information Security Standard for ISO at ISACA HQ • Associate Professor at School of Electrical Engineering and Informatics, Institut Teknologi Bandung • Ketua WG Layanan dan Tata Kelola TI, anggota WG Keamanan Informasi serta Anggota Panitia Teknis 35-01 Program Nasional Penetapan Standar bidang Teknologi Informasi, BSN – Kominfo. Past: • Ketua Kelompok Kerja Evaluasi TIK Nasional, Dewan TIK Nasional (2007-2008) • Plt Direktur Operasi Sistem PPATK (Indonesia Financial Transaction Reports and Analysis Center, INTRAC), April 2009 – May 2011 Professional Certification: • Professional Engineering (PE), the Principles and Practice of Electrical Engineering, College of Engineering, the University of Texas at Austin. 2000 • IRCA Information Security Management System Lead Auditor Course, 2004 • ISACA Certified Information System Auditor (CISA). CISA Number: 0540859, 2005 • Brainbench Computer Forensic, 2006 • (ISC)2 Certified Information Systems Security Professional (CISSP), No: 118113, 2007 • ISACA Certified Information Security Manager (CISM). CISM Number: 0707414, 2007 Award: • (ISC)2 Asia Pacific Information Security Leadership Achievements (ISLA) 2011 award in category Senior Information Security Professional. http://isc2.org/ISLA 2 Sarwono Sutikno, Dr.Eng.,CISA,CISSP,CISM
Presentation: KamInfo.ID5 5 KEAMANAN INFORMASI VERSIISACA Information security is a business enabler that is strictly bound to stakeholder trust, either by addressing business risk or by creating value for an enterprise, such as competitive advantage. At a time when the significance of information and related technologies is increasing in every aspect of business and public life, the need to mitigate information risk, which includes protecting information and related IT assets from ever-changing threats, is constantly intensifying. ISACA defines information security as something that: Ensures that information is readily available (availability), when required, and protected against disclosure to unauthorised users (confidentiality) and improper modification (integrity).
Presentation: KamInfo.ID6 6 KEAMANAN INFORMASI ......... pemerintah negara Indonesia yang melindungi segenap bangsa Indonesia dan seluruh tumpah darah Indonesia dan untuk memajukan kesejahteraan umum, mencerdaskan kehidupan bangsa, dan ikut melaksanakan ketertiban dunia yang berdasarkan kemerdekaan, perdamaian abadi dan keadilan sosial........ Pemanfaatan INFORMASI sebagai darah nadi kehidupan bangsa dalam perspektif Pertumbuhan Ekonomi untuk Kesejahteraan Rakyat
Presentation: KamInfo.ID7 7 KEAMANAN NASIONAL ......... pemerintah negara Indonesia yang melindungi segenap bangsa Indonesia dan seluruh tumpah darah Indonesia dan untuk memajukan kesejahteraan umum, mencerdaskan kehidupan bangsa, dan ikut melaksanakan ketertiban dunia yang berdasarkan kemerdekaan, perdamaian abadi dan keadilan sosial........ Pemanfaatan INFORMASI sebagai darah nadi kehidupan bangsa dalam perspektif Pertumbuhan Ekonomi untuk Kesejahteraan Rakyat
8
Kategori Kontrol berbasis Risiko 9 Source: Transforming Cybersecurity: Using COBIT 5, ISACA, 2013
Kerangka dan Standar – tinjauan SNI ISO 38500 COSO PP60/ 2008 COBIT ITIL v2 ITIL v3 SNI ISO 20000 SNI ISO 2700x SNI ISO 900x Common Criteria SNI ISO 15408 boardlevelmanagementtechnical SNI ISO 27013
ISO/IEC JTC 1/SC 40 - IT Service Management and IT Governance ISO/IEC 20000-1:2011 SNI ISO/IEC 20000-1:2013 Teknologi Informasi - Manajemen Layanan - Bagian 1: Persyaratan sistem manajemen layanan IEEE Std 20000-1-2013 ISO/IEC 20000-2:2012 SNI ISO/IEC 20000-2:2013 Teknologi informasi - Manajemen layanan - Bagian 2: Pedoman penerapan sistem manajemen layanan IEEE Std 20000-2-2013 ISO/IEC TR 20000-3:2012 SNI ISO/IEC TR 20000-3:2013 Teknologi informasi - Manajemen layanan - Bagian 3: Pedoman pendefinisian lingkup dan kesesuaian dari SNI ISO/IEC 20000-1 ISO/IEC TR 20000-4:2010 SNI ISO/IEC TR 20000-4:2013 Teknologi informasi - Manajemen layanan - Bagian 4: Model referensi proses ISO/IEC TR 20000-5:2010 – replaced by ISO/IEC TR 20000-5:2013 SNI ISO/IEC TR 20000-5:2013 Teknologi informasi - Manajemen layanan - Bagian 5: Contoh acuan perencanaan implementasi SNI ISO/IEC 20000-1 ISO/IEC TR 20000-9:2015 Information technology -- Service management -- Part 9: Guidance on the application of ISO/IEC 20000-1 to cloud services ISO/IEC TR 20000-10:2013 Information technology -- Service management -- Part 10: Concepts and terminology ISO/IEC 30121:2015 Information technology -- Governance of digital forensic risk framework ISO/IEC 38500:2015 Information technology -- Governance of IT for the organization ISO/IEC TS 38501:2015 Information technology -- Governance of IT -- Implementation guide ISO/IEC TR 38502:2014 Information technology -- Governance of IT -- Framework and model 11
Customers (and other interested parties) Service Requirements Services Customers (and other interested parties) 5. Design and transition of new or changed services 8. Resolution processes 7. Relationship processes 8.1 Incident and service request management 8.2 Problem management 7.1 Business relationship management 7.2 Supplier management 6. Service delivery processes 6.5 Capacity management 6.3 Service continuity & availability management 6.1 Service level management 6.2 Service reporting 6.6 Information security management 6.4 Budgeting & accounting for services 4.1 Management responsibility 4.2 Governance of processes operated by other parties 4.5 Establish the SMS 4.3 Documentation management 4.4 Resource management 4. Service Management System (SMS) 9. Control processes 9.1 Configuration management 9.2 Change management 9.3 Release and deployment management
Usulan pengganti seri SNI ISO 15504 Information technology -- Process assessment ISO/IEC 33001:2015 Information technology -- Process assessment -- Concepts and terminology 60.60 35.080 ISO/IEC 33002:2015 Information technology -- Process assessment -- Requirements for performing process assessment 60.60 35.080 ISO/IEC 33003:2015 Information technology -- Process assessment -- Requirements for process measurement frameworks 60.60 35.080 ISO/IEC 33004:2015 Information technology -- Process assessment -- Requirements for process reference, process assessment and maturity models 60.60 35.080 ISO/IEC TR 33014:2013 Information technology -- Process assessment -- Guide for process improvement 60.60 35.080 ISO/IEC NP 33016 Information technology -- Process assessment -- Process assessment body of knowledge 10.99 ISO/IEC 33020:2015 Information technology -- Process assessment -- Process measurement framework for assessment of process capability 60.60 35.080 ISO/IEC CD 33050-4 Information technology -- Process assessment -- Part 4: A process reference model for information security management 30.20 35.080 ISO/IEC FDIS 33063 Information technology -- Process assessment -- Process assessment model for software testing 50.00 35.080 ISO/IEC CD 33070-4 Information technology -- Process assessment -- Part 4: A process assessment model for information security management 13
14
Month 200X Page 15 Process assessment  Action plan •Assessment of the audited processes and Actions plan to reach level . •Extend assessment througth the overall organisation to be able to compare same referential with same objectives and continuity of processes Lvl 5 : Value Lvl 4 : Service Lvl 3 : Proactiv Lvl 2 : Reactiv Lvl 1 : Chaos Incident Management Change Management Problem Management Service Level Management Service Desk Problem Management Implementation Knowledge Improvement Communications Process RFC Process OLAs Implementation Catalogues of Services Improvement
Trying to Run Before Walking Reactive Proactive  Analyze trends  Set thresholds  Predict problems  Measure appli- cation availability  Automate  Mature problem, configuration, change, asset and performance mgt processes  Fight fires  Inventory  Desktop SW distribution  Initiate problem mgt process  Alert and event mgt  Measure component availability (up/down)  IT as a service provider  Define services, classes, pricing  Understand costs  Guarantee SLAs  Measure & report service availability  Integrate processes  Capacity mgt Service Value  IT as strategic business partner  IT and business metric linkage  IT/business collaboration improves business process  Real-time infrastructure  Business planning Level 2 Level 3 Level 4 Chaotic  Ad hoc  Undocumented  Unpredictable  Multiple help desks  Minimal IT operations  User call notification Level 1 Tool Leverage Manage IT as a Business Service Delivery Process Engineering Operational Process Engineering Service and Account Management Level 5
Usulan seri SNI ISO 27k Information technology – Security technique (1/2) ISO/IEC 27000:2014 Information technology -- Security techniques -- Information security management systems -- Overview and vocabulary ISO/IEC 27001:2013 Information technology -- Security techniques -- Information security management systems -- Requirements 60.6035.040 ISO/IEC 27001:2013/Cor 1:2014 60.60 35.040 ISO/IEC 27002:2013 Information technology -- Security techniques -- Code of practice for information security controls 60.6035.040 ISO/IEC 27002:2013/Cor 1:2014 60.60 35.040 ISO/IEC 27003:2010 Information technology -- Security techniques -- Information security management system implementation guidance 90.9235.040 ISO/IEC 27004:2009 Information technology -- Security techniques -- Information security management -- Measurement 90.9235.040 ISO/IEC 27005:2011 Information technology -- Security techniques -- Information security risk management 90.9235.040 ISO/IEC 27006:2011 Information technology -- Security techniques -- Requirements for bodies providing audit and certification of information security management systems ISO/IEC 27007:2011 Information technology -- Security techniques -- Guidelines for information security management systems auditing 90.9235.040 ISO/IEC TR 27008:2011 Information technology -- Security techniques -- Guidelines for auditors on information security controls 90.9235.040 ISO/IEC 27010:2012 Information technology -- Security techniques -- Information security management for inter-sector and inter-organizational communications 90.9235.040 ISO/IEC 27011:2008 Information technology -- Security techniques -- Information security management guidelines for telecommunications organizations based on ISO/IEC 27002 ISO/IEC 27013:2012 Information technology -- Security techniques -- Guidance on the integrated implementation of ISO/IEC 27001 and ISO/IEC 20000-1 ISO/IEC 27014:2013 Information technology -- Security techniques -- Governance of information security 60.6035.040 ISO/IEC TR 27015:2012 Information technology -- Security techniques -- Information security management guidelines for financial services 60.6003.060 35.040 ISO/IEC TR 27016:2014 Information technology -- Security techniques -- Information security management -- Organizational economics 60.6035.040 17
Usulan seri SNI ISO 27k Information technology – Security technique (2/2) ISO/IEC 27018:2014 Information technology -- Security techniques -- Code of practice for protection of personally identifiable information (PII) in public clouds acting as PII processors 60.60 35.040 ISO/IEC TR 27019:2013 Information technology -- Security techniques -- Information security management guidelines based on ISO/IEC 27002 for process control systems specific to the energy utility industry 90.92 35.040 35.240.99 ISO/IEC 27031:2011 Information technology -- Security techniques -- Guidelines for information and communication technology readiness for business continuity 60.60 35.040 ISO/IEC 27032:2012 Information technology -- Security techniques -- Guidelines for cybersecurity 60.60 35.040 ISO/IEC 27033-1:2009 Information technology -- Security techniques -- Network security -- Part 1: Overview and concepts 90.92 35.040 ISO/IEC 27033-2:2012 Information technology -- Security techniques -- Network security -- Part 2: Guidelines for the design and implementation of network security 60.60 35.040 ISO/IEC 27033-3:2010 Information technology -- Security techniques -- Network security -- Part 3: Reference networking scenarios -- Threats, design techniques and control issues 90.93 35.040 ISO/IEC 27033-4:2014 Information technology -- Security techniques -- Network security -- Part 4: Securing communications between networks using security gateways 60.60 35.040 ISO/IEC 27033-5:2013 Information technology -- Security techniques -- Network security -- Part 5: Securing communications across networks using Virtual Private Networks (VPNs) 60.60 35.040 ISO/IEC 27034-1:2011 Information technology -- Security techniques -- Application security -- Part 1: Overview and concepts 60.60 35.040 ISO/IEC 27034-1:2011/Cor 1:2014 60.60 35.040 ISO/IEC 27035:2011 Information technology -- Security techniques -- Information security incident management ISO/IEC 27036-1:2014 Information technology -- Security techniques -- Information security for supplier relationships -- Part 1: Overview and concepts 60.60 35.040 ISO/IEC 27036-2:2014 Information technology -- Security techniques -- Information security for supplier relationships -- Part 2: Requirements 60.60 35.040 ISO/IEC 27036-3:2013 Information technology -- Security techniques -- Information security for supplier relationships -- Part 3: Guidelines for information and communication technology supply chain security ISO/IEC 27037:2012 Information technology -- Security techniques -- Guidelines for identification, collection, acquisition and preservation of digital evidence 60.60 35.040 ISO/IEC 27038:2014 Information technology -- Security techniques -- Specification for digital redaction ISO/IEC 27039:2015 Information technology -- Security techniques -- Selection, deployment and operations of intrusion detection systems (IDPS) 60.60 35.040 ISO/IEC 27040:2015 Information technology -- Security techniques -- Storage security 60.60 35.040 ISO/IEC 27043:2015 Information technology -- Security techniques -- Incident investigation principles and processes 60.60 35.040 18
Network is Compromised
threat
Usulan dari ISO/TC 184/SC 4 - Industrial data Page 21 1. ISO/TS 8000-1:2011, Data quality — Part 1: Overview 2. ISO 8000-2:2012, Data quality — Part 2: Vocabulary 3. ISO/TS 8000-100:2009, Data quality — Part 100: Master data: Exchange of characteristic data: Overview 4. ISO 8000-102:2009, Data quality — Part 102: Master data: Exchange of characteristic data: Vocabulary 5. ISO 8000-110:2009, Data quality — Part 110: Master data: Exchange of characteristic data: Syntax, semantic encoding, and conformance to data specification 6. ISO/TS 8000-120:2009, Data quality — Part 120: Master data: Exchange of characteristic data: Provenance 7. ISO/TS 8000-130:2009, Data quality — Part 130: Master data: Exchange of characteristic data: Accuracy 8. ISO/TS 8000-140:2009, Data quality — Part 140: Master data: Exchange of characteristic data: Completeness 9. ISO/TS 8000-150:2011, Data quality — Part 150: Master data: Quality management framework
Seri ISO 8000 Data Quality Page 22 ISO 8000 ontology Part 1 : Scope , Justification and principles Part 3 Taxonomy : ISO 8000 parts & other standards relationships Part 8 Information and Data Quality Measuring Part 9 Information data quality relationship with other standards Part 20 Data Quality: Provenance Part 30 Data Quality Accuracy Part 40 Data Quality Completeness Part 50 Data Quality management framework Part 60 Information & Data Quality Process Assessment Part 100 Master data: Exchange of characteristic data: Overview Part 10 Data Quality Syntax, semantic encoding, and conformance to data specification Part 120 Master data: Exchange of characteristic data: Provenance Part 130 Master data: Exchange of characteristic data: Accuracy Part 140 Master data: Exchange of characteristic data: Completeness Part 150 Master Data Quality management framework Part 311 Guidance for the application of PDQ-S Part 2 Vocabulary Characteristics or Data quality dimensions RequirementsSyntax SemanticsPragmatics Measurements methods Management methods Introduction Vocab. / Onto General concepts & definitions Specialized concepts & definitions Management framework Usage guides Part 110 Master data: Exchange of characteristic data: Overview
Diskusi 23

Recommended

Usulan utk PT35-01 Teknologi Informasi dan Kualitas Data 19 okt2016
Usulan utk PT35-01 Teknologi Informasi dan Kualitas Data 19 okt2016Usulan utk PT35-01 Teknologi Informasi dan Kualitas Data 19 okt2016
Usulan utk PT35-01 Teknologi Informasi dan Kualitas Data 19 okt2016Sarwono Sutikno, Dr.Eng.,CISA,CISSP,CISM,CSX-F
 
Usulanuntukwg1danwg2dandata28 feb2017
Usulanuntukwg1danwg2dandata28 feb2017Usulanuntukwg1danwg2dandata28 feb2017
Usulanuntukwg1danwg2dandata28 feb2017Sarwono Sutikno, Dr.Eng.,CISA,CISSP,CISM,CSX-F
 
UNINFO - BIG DATA & Information Security Standards - Guasconi
UNINFO - BIG DATA & Information Security Standards - GuasconiUNINFO - BIG DATA & Information Security Standards - Guasconi
UNINFO - BIG DATA & Information Security Standards - GuasconiBL4CKSWAN Srl
 
Gambar dan spec
Gambar dan specGambar dan spec
Gambar dan specian skay
 
Sni 7394-2008-tata cara perhitungan harga satuan pekerjaan beton untuk konstr...
Sni 7394-2008-tata cara perhitungan harga satuan pekerjaan beton untuk konstr...Sni 7394-2008-tata cara perhitungan harga satuan pekerjaan beton untuk konstr...
Sni 7394-2008-tata cara perhitungan harga satuan pekerjaan beton untuk konstr...Ellan Syahnoorizal Siregar
 
Direktori SNI Wajib 2015
Direktori SNI Wajib 2015Direktori SNI Wajib 2015
Direktori SNI Wajib 2015Muhammad Bahrudin
 
Sni 7393-2008-tata cara perhitungan harga satuan pekerjaan besi dan aluminium...
Sni 7393-2008-tata cara perhitungan harga satuan pekerjaan besi dan aluminium...Sni 7393-2008-tata cara perhitungan harga satuan pekerjaan besi dan aluminium...
Sni 7393-2008-tata cara perhitungan harga satuan pekerjaan besi dan aluminium...Ellan Syahnoorizal Siregar
 
Program dan lingkup pekerjaan pemeliharaan jalan
Program dan lingkup pekerjaan pemeliharaan jalanProgram dan lingkup pekerjaan pemeliharaan jalan
Program dan lingkup pekerjaan pemeliharaan jalanIndonesia Infrastructure Initiative
 

Recommended

Usulan utk PT35-01 Teknologi Informasi dan Kualitas Data 19 okt2016
Usulan utk PT35-01 Teknologi Informasi dan Kualitas Data 19 okt2016Usulan utk PT35-01 Teknologi Informasi dan Kualitas Data 19 okt2016
Usulan utk PT35-01 Teknologi Informasi dan Kualitas Data 19 okt2016Sarwono Sutikno, Dr.Eng.,CISA,CISSP,CISM,CSX-F
 
Usulanuntukwg1danwg2dandata28 feb2017
Usulanuntukwg1danwg2dandata28 feb2017Usulanuntukwg1danwg2dandata28 feb2017
Usulanuntukwg1danwg2dandata28 feb2017Sarwono Sutikno, Dr.Eng.,CISA,CISSP,CISM,CSX-F
 
UNINFO - BIG DATA & Information Security Standards - Guasconi
UNINFO - BIG DATA & Information Security Standards - GuasconiUNINFO - BIG DATA & Information Security Standards - Guasconi
UNINFO - BIG DATA & Information Security Standards - GuasconiBL4CKSWAN Srl
 
Gambar dan spec
Gambar dan specGambar dan spec
Gambar dan specian skay
 
Sni 7394-2008-tata cara perhitungan harga satuan pekerjaan beton untuk konstr...
Sni 7394-2008-tata cara perhitungan harga satuan pekerjaan beton untuk konstr...Sni 7394-2008-tata cara perhitungan harga satuan pekerjaan beton untuk konstr...
Sni 7394-2008-tata cara perhitungan harga satuan pekerjaan beton untuk konstr...Ellan Syahnoorizal Siregar
 
Direktori SNI Wajib 2015
Direktori SNI Wajib 2015Direktori SNI Wajib 2015
Direktori SNI Wajib 2015Muhammad Bahrudin
 
Sni 7393-2008-tata cara perhitungan harga satuan pekerjaan besi dan aluminium...
Sni 7393-2008-tata cara perhitungan harga satuan pekerjaan besi dan aluminium...Sni 7393-2008-tata cara perhitungan harga satuan pekerjaan besi dan aluminium...
Sni 7393-2008-tata cara perhitungan harga satuan pekerjaan besi dan aluminium...Ellan Syahnoorizal Siregar
 
Program dan lingkup pekerjaan pemeliharaan jalan
Program dan lingkup pekerjaan pemeliharaan jalanProgram dan lingkup pekerjaan pemeliharaan jalan
Program dan lingkup pekerjaan pemeliharaan jalanIndonesia Infrastructure Initiative
 
Seminar: PHP Developer for Dummies
Seminar: PHP Developer for DummiesSeminar: PHP Developer for Dummies
Seminar: PHP Developer for DummiesAchmad Solichin
 
Buku informasi beton semen final
Buku informasi beton semen finalBuku informasi beton semen final
Buku informasi beton semen finalalpian nur
 
Ancaman cyber terhadap keamanan nasional cybersecurityy risk and control - ...
Ancaman cyber terhadap keamanan nasional cybersecurityy risk and control - ...Ancaman cyber terhadap keamanan nasional cybersecurityy risk and control - ...
Ancaman cyber terhadap keamanan nasional cybersecurityy risk and control - ...Sarwono Sutikno, Dr.Eng.,CISA,CISSP,CISM,CSX-F
 
E gov keamanan informasi 3 okt 2016 - kpk
E gov keamanan informasi 3 okt 2016 - kpkE gov keamanan informasi 3 okt 2016 - kpk
E gov keamanan informasi 3 okt 2016 - kpkSarwono Sutikno, Dr.Eng.,CISA,CISSP,CISM,CSX-F
 
Perencanaan perkerasan jalan dengan manual desain perkerasan jalan nomor 02/M...
Perencanaan perkerasan jalan dengan manual desain perkerasan jalan nomor 02/M...Perencanaan perkerasan jalan dengan manual desain perkerasan jalan nomor 02/M...
Perencanaan perkerasan jalan dengan manual desain perkerasan jalan nomor 02/M...Hapsari Safira
 
Contoh Desain Perkerasan Jalan
Contoh Desain Perkerasan JalanContoh Desain Perkerasan Jalan
Contoh Desain Perkerasan JalanFahreza Lukman
 
01. teknik pengelolaan jalan volume 1
01. teknik pengelolaan jalan volume 101. teknik pengelolaan jalan volume 1
01. teknik pengelolaan jalan volume 1wahyudibarham
 
Membangun Smart ASN Melaui Inovasi
Membangun Smart ASN Melaui InovasiMembangun Smart ASN Melaui Inovasi
Membangun Smart ASN Melaui InovasiTri Widodo W. UTOMO
 
SNI ISO 27001 Anwar Siregar
SNI ISO 27001 Anwar SiregarSNI ISO 27001 Anwar Siregar
SNI ISO 27001 Anwar SiregarDirectorate of Information Security | Ditjen Aptika
 
Manual Desain Perkerasan Jalan - Baru (2012)
Manual Desain Perkerasan Jalan - Baru (2012)Manual Desain Perkerasan Jalan - Baru (2012)
Manual Desain Perkerasan Jalan - Baru (2012)Yusrizal Mahendra
 
Standar lapis pondasi agregat a,b dan c
Standar lapis pondasi agregat a,b dan cStandar lapis pondasi agregat a,b dan c
Standar lapis pondasi agregat a,b dan cKomar Rudin
 
Perencanaan jalan beton
Perencanaan jalan betonPerencanaan jalan beton
Perencanaan jalan betonAbd Hamid
 
Usulan untuk wg1 dan wg2 pada pnps2015 rapat awal pt35-01 - 9 april 2015
Usulan untuk wg1 dan wg2 pada pnps2015 rapat awal pt35-01 - 9 april 2015Usulan untuk wg1 dan wg2 pada pnps2015 rapat awal pt35-01 - 9 april 2015
Usulan untuk wg1 dan wg2 pada pnps2015 rapat awal pt35-01 - 9 april 2015Sarwono Sutikno, Dr.Eng.,CISA,CISSP,CISM,CSX-F
 
Usulan untuk wg1 dan wg2 serta kualitas data pada pnps2015 rapat ke-2 pt35-...
Usulan untuk wg1 dan wg2 serta kualitas data pada pnps2015 rapat ke-2 pt35-...Usulan untuk wg1 dan wg2 serta kualitas data pada pnps2015 rapat ke-2 pt35-...
Usulan untuk wg1 dan wg2 serta kualitas data pada pnps2015 rapat ke-2 pt35-...Sarwono Sutikno, Dr.Eng.,CISA,CISSP,CISM,CSX-F
 
Sosialisasi sni iso iec 20000 - sistem manajemen layanan
Sosialisasi sni iso iec 20000 - sistem manajemen layananSosialisasi sni iso iec 20000 - sistem manajemen layanan
Sosialisasi sni iso iec 20000 - sistem manajemen layananSarwono Sutikno, Dr.Eng.,CISA,CISSP,CISM,CSX-F
 
Sosialisasi sni iso iec 15408 common criteria - evaluasi keamanan ti
Sosialisasi sni iso iec 15408 common criteria - evaluasi keamanan tiSosialisasi sni iso iec 15408 common criteria - evaluasi keamanan ti
Sosialisasi sni iso iec 15408 common criteria - evaluasi keamanan tiSarwono Sutikno, Dr.Eng.,CISA,CISSP,CISM,CSX-F
 
Sarwono sutikno forum tik utk standardisasi keamanan kartu cerdas - 4 nov 2...
Sarwono sutikno forum tik utk standardisasi keamanan kartu cerdas - 4 nov 2...Sarwono sutikno forum tik utk standardisasi keamanan kartu cerdas - 4 nov 2...
Sarwono sutikno forum tik utk standardisasi keamanan kartu cerdas - 4 nov 2...Sarwono Sutikno, Dr.Eng.,CISA,CISSP,CISM,CSX-F
 
Iso27001- Nashwan Mustafa
Iso27001- Nashwan MustafaIso27001- Nashwan Mustafa
Iso27001- Nashwan MustafaFahmi Albaheth
 
S nandakumar
S nandakumarS nandakumar
S nandakumarIPPAI
 
S nandakumar_banglore
S nandakumar_bangloreS nandakumar_banglore
S nandakumar_bangloreIPPAI
 
02 sasaran kendali pencapaian tujuan v05
02 sasaran kendali pencapaian tujuan v0502 sasaran kendali pencapaian tujuan v05
02 sasaran kendali pencapaian tujuan v05Sarwono Sutikno, Dr.Eng.,CISA,CISSP,CISM,CSX-F
 
Iot vijaya priya r cat1
Iot vijaya priya r cat1Iot vijaya priya r cat1
Iot vijaya priya r cat1ChetanShahukari
 

More Related Content

Viewers also liked

Seminar: PHP Developer for Dummies
Seminar: PHP Developer for DummiesSeminar: PHP Developer for Dummies
Seminar: PHP Developer for DummiesAchmad Solichin
 
Buku informasi beton semen final
Buku informasi beton semen finalBuku informasi beton semen final
Buku informasi beton semen finalalpian nur
 
Perencanaan perkerasan jalan dengan manual desain perkerasan jalan nomor 02/M...
Perencanaan perkerasan jalan dengan manual desain perkerasan jalan nomor 02/M...Perencanaan perkerasan jalan dengan manual desain perkerasan jalan nomor 02/M...
Perencanaan perkerasan jalan dengan manual desain perkerasan jalan nomor 02/M...Hapsari Safira
 
Contoh Desain Perkerasan Jalan
Contoh Desain Perkerasan JalanContoh Desain Perkerasan Jalan
Contoh Desain Perkerasan JalanFahreza Lukman
 
01. teknik pengelolaan jalan volume 1
01. teknik pengelolaan jalan volume 101. teknik pengelolaan jalan volume 1
01. teknik pengelolaan jalan volume 1wahyudibarham
 
Membangun Smart ASN Melaui Inovasi
Membangun Smart ASN Melaui InovasiMembangun Smart ASN Melaui Inovasi
Membangun Smart ASN Melaui InovasiTri Widodo W. UTOMO
 
Manual Desain Perkerasan Jalan - Baru (2012)
Manual Desain Perkerasan Jalan - Baru (2012)Manual Desain Perkerasan Jalan - Baru (2012)
Manual Desain Perkerasan Jalan - Baru (2012)Yusrizal Mahendra
 
Standar lapis pondasi agregat a,b dan c
Standar lapis pondasi agregat a,b dan cStandar lapis pondasi agregat a,b dan c
Standar lapis pondasi agregat a,b dan cKomar Rudin
 
Perencanaan jalan beton
Perencanaan jalan betonPerencanaan jalan beton
Perencanaan jalan betonAbd Hamid
 

Viewers also liked (12)

Seminar: PHP Developer for Dummies
Seminar: PHP Developer for DummiesSeminar: PHP Developer for Dummies
Seminar: PHP Developer for Dummies
 
Buku informasi beton semen final
Buku informasi beton semen finalBuku informasi beton semen final
Buku informasi beton semen final
 
Ancaman cyber terhadap keamanan nasional cybersecurityy risk and control - ...
Ancaman cyber terhadap keamanan nasional cybersecurityy risk and control - ...Ancaman cyber terhadap keamanan nasional cybersecurityy risk and control - ...
Ancaman cyber terhadap keamanan nasional cybersecurityy risk and control - ...
 
E gov keamanan informasi 3 okt 2016 - kpk
E gov keamanan informasi 3 okt 2016 - kpkE gov keamanan informasi 3 okt 2016 - kpk
E gov keamanan informasi 3 okt 2016 - kpk
 
Perencanaan perkerasan jalan dengan manual desain perkerasan jalan nomor 02/M...
Perencanaan perkerasan jalan dengan manual desain perkerasan jalan nomor 02/M...Perencanaan perkerasan jalan dengan manual desain perkerasan jalan nomor 02/M...
Perencanaan perkerasan jalan dengan manual desain perkerasan jalan nomor 02/M...
 
Contoh Desain Perkerasan Jalan
Contoh Desain Perkerasan JalanContoh Desain Perkerasan Jalan
Contoh Desain Perkerasan Jalan
 
01. teknik pengelolaan jalan volume 1
01. teknik pengelolaan jalan volume 101. teknik pengelolaan jalan volume 1
01. teknik pengelolaan jalan volume 1
 
Membangun Smart ASN Melaui Inovasi
Membangun Smart ASN Melaui InovasiMembangun Smart ASN Melaui Inovasi
Membangun Smart ASN Melaui Inovasi
 
SNI ISO 27001 Anwar Siregar
SNI ISO 27001 Anwar SiregarSNI ISO 27001 Anwar Siregar
SNI ISO 27001 Anwar Siregar
 
Manual Desain Perkerasan Jalan - Baru (2012)
Manual Desain Perkerasan Jalan - Baru (2012)Manual Desain Perkerasan Jalan - Baru (2012)
Manual Desain Perkerasan Jalan - Baru (2012)
 
Standar lapis pondasi agregat a,b dan c
Standar lapis pondasi agregat a,b dan cStandar lapis pondasi agregat a,b dan c
Standar lapis pondasi agregat a,b dan c
 
Perencanaan jalan beton
Perencanaan jalan betonPerencanaan jalan beton
Perencanaan jalan beton
 

Similar to Usulan untuk wg1 dan wg2 serta kualitas data pada kaminfo 12 agustus 2015

Iso27001- Nashwan Mustafa
Iso27001- Nashwan MustafaIso27001- Nashwan Mustafa
Iso27001- Nashwan MustafaFahmi Albaheth
 
S nandakumar
S nandakumarS nandakumar
S nandakumarIPPAI
 
S nandakumar_banglore
S nandakumar_bangloreS nandakumar_banglore
S nandakumar_bangloreIPPAI
 
A Major Revision of the CISRCP Program
A Major Revision of the CISRCP ProgramA Major Revision of the CISRCP Program
A Major Revision of the CISRCP ProgramGoogleNewsSubmit
 
Metholodogies and Security Standards
Metholodogies and Security StandardsMetholodogies and Security Standards
Metholodogies and Security StandardsConferencias FIST
 
Bhadale group of companies quality standards catalogue
Bhadale group of companies quality standards catalogueBhadale group of companies quality standards catalogue
Bhadale group of companies quality standards catalogueVijayananda Mohire
 
20201014 iso27001 iso27701 nist v2 (extended version)
20201014 iso27001 iso27701 nist v2 (extended version)20201014 iso27001 iso27701 nist v2 (extended version)
20201014 iso27001 iso27701 nist v2 (extended version)Peter GEELEN ✔
 
ISO/IEC 27001 and ISO/IEC 27035: Building a Resilient Cybersecurity Strategy ...
ISO/IEC 27001 and ISO/IEC 27035: Building a Resilient Cybersecurity Strategy ...ISO/IEC 27001 and ISO/IEC 27035: Building a Resilient Cybersecurity Strategy ...
ISO/IEC 27001 and ISO/IEC 27035: Building a Resilient Cybersecurity Strategy ...PECB
 
List of ISO27000-Family International Standards organisation.pdf
List of ISO27000-Family International Standards organisation.pdfList of ISO27000-Family International Standards organisation.pdf
List of ISO27000-Family International Standards organisation.pdfDavidMorris296217
 

Similar to Usulan untuk wg1 dan wg2 serta kualitas data pada kaminfo 12 agustus 2015 (20)

Usulan untuk wg1 dan wg2 pada pnps2015 rapat awal pt35-01 - 9 april 2015
Usulan untuk wg1 dan wg2 pada pnps2015 rapat awal pt35-01 - 9 april 2015Usulan untuk wg1 dan wg2 pada pnps2015 rapat awal pt35-01 - 9 april 2015
Usulan untuk wg1 dan wg2 pada pnps2015 rapat awal pt35-01 - 9 april 2015
 
Usulan untuk wg1 dan wg2 serta kualitas data pada pnps2015 rapat ke-2 pt35-...
Usulan untuk wg1 dan wg2 serta kualitas data pada pnps2015 rapat ke-2 pt35-...Usulan untuk wg1 dan wg2 serta kualitas data pada pnps2015 rapat ke-2 pt35-...
Usulan untuk wg1 dan wg2 serta kualitas data pada pnps2015 rapat ke-2 pt35-...
 
Sosialisasi sni iso iec 20000 - sistem manajemen layanan
Sosialisasi sni iso iec 20000 - sistem manajemen layananSosialisasi sni iso iec 20000 - sistem manajemen layanan
Sosialisasi sni iso iec 20000 - sistem manajemen layanan
 
Sosialisasi sni iso iec 15408 common criteria - evaluasi keamanan ti
Sosialisasi sni iso iec 15408 common criteria - evaluasi keamanan tiSosialisasi sni iso iec 15408 common criteria - evaluasi keamanan ti
Sosialisasi sni iso iec 15408 common criteria - evaluasi keamanan ti
 
Sarwono sutikno forum tik utk standardisasi keamanan kartu cerdas - 4 nov 2...
Sarwono sutikno forum tik utk standardisasi keamanan kartu cerdas - 4 nov 2...Sarwono sutikno forum tik utk standardisasi keamanan kartu cerdas - 4 nov 2...
Sarwono sutikno forum tik utk standardisasi keamanan kartu cerdas - 4 nov 2...
 
Iso27001- Nashwan Mustafa
Iso27001- Nashwan MustafaIso27001- Nashwan Mustafa
Iso27001- Nashwan Mustafa
 
S nandakumar
S nandakumarS nandakumar
S nandakumar
 
S nandakumar_banglore
S nandakumar_bangloreS nandakumar_banglore
S nandakumar_banglore
 
02 sasaran kendali pencapaian tujuan v05
02 sasaran kendali pencapaian tujuan v0502 sasaran kendali pencapaian tujuan v05
02 sasaran kendali pencapaian tujuan v05
 
Iot vijaya priya r cat1
Iot vijaya priya r cat1Iot vijaya priya r cat1
Iot vijaya priya r cat1
 
A Major Revision of the CISRCP Program
A Major Revision of the CISRCP ProgramA Major Revision of the CISRCP Program
A Major Revision of the CISRCP Program
 
Metholodogies and Security Standards
Metholodogies and Security StandardsMetholodogies and Security Standards
Metholodogies and Security Standards
 
mm CGEIT Best Practices and Concepts
mm CGEIT Best Practices and Conceptsmm CGEIT Best Practices and Concepts
mm CGEIT Best Practices and Concepts
 
Bhadale group of companies quality standards catalogue
Bhadale group of companies quality standards catalogueBhadale group of companies quality standards catalogue
Bhadale group of companies quality standards catalogue
 
20201014 iso27001 iso27701 nist v2 (extended version)
20201014 iso27001 iso27701 nist v2 (extended version)20201014 iso27001 iso27701 nist v2 (extended version)
20201014 iso27001 iso27701 nist v2 (extended version)
 
Girma Tadesse CV
Girma Tadesse CV Girma Tadesse CV
Girma Tadesse CV
 
Risk based it auditing for non it auditors (basics of it auditing) final 12
Risk based it auditing for non it auditors (basics of it auditing) final 12Risk based it auditing for non it auditors (basics of it auditing) final 12
Risk based it auditing for non it auditors (basics of it auditing) final 12
 
ISO/IEC 27001 and ISO/IEC 27035: Building a Resilient Cybersecurity Strategy ...
ISO/IEC 27001 and ISO/IEC 27035: Building a Resilient Cybersecurity Strategy ...ISO/IEC 27001 and ISO/IEC 27035: Building a Resilient Cybersecurity Strategy ...
ISO/IEC 27001 and ISO/IEC 27035: Building a Resilient Cybersecurity Strategy ...
 
List of ISO27000-Family International Standards organisation.pdf
List of ISO27000-Family International Standards organisation.pdfList of ISO27000-Family International Standards organisation.pdf
List of ISO27000-Family International Standards organisation.pdf
 
Bim tek 15 juni 2017 konsep iso27000-2016 smki
Bim tek 15 juni 2017 konsep iso27000-2016 smkiBim tek 15 juni 2017 konsep iso27000-2016 smki
Bim tek 15 juni 2017 konsep iso27000-2016 smki
 

More from Sarwono Sutikno, Dr.Eng.,CISA,CISSP,CISM,CSX-F

More from Sarwono Sutikno, Dr.Eng.,CISA,CISSP,CISM,CSX-F (20)

TataKelola dan KamSiber Kecerdasan Buatan v022.pdf
TataKelola dan KamSiber Kecerdasan Buatan v022.pdfTataKelola dan KamSiber Kecerdasan Buatan v022.pdf
TataKelola dan KamSiber Kecerdasan Buatan v022.pdf
 
Keamanan Data Digital - SPI ITB - Rabu 3 Agustus 2022 -v2.pdf
Keamanan Data Digital - SPI ITB - Rabu 3 Agustus 2022 -v2.pdfKeamanan Data Digital - SPI ITB - Rabu 3 Agustus 2022 -v2.pdf
Keamanan Data Digital - SPI ITB - Rabu 3 Agustus 2022 -v2.pdf
 
Keamanan Informasi Metaverse - 18 Juni 2022.pdf
Keamanan Informasi Metaverse - 18 Juni 2022.pdfKeamanan Informasi Metaverse - 18 Juni 2022.pdf
Keamanan Informasi Metaverse - 18 Juni 2022.pdf
 
Webinar Sabtu 14 Mei 2022 - Digital Signature dan Keamanan Transaksi Keuangan...
Webinar Sabtu 14 Mei 2022 - Digital Signature dan Keamanan Transaksi Keuangan...Webinar Sabtu 14 Mei 2022 - Digital Signature dan Keamanan Transaksi Keuangan...
Webinar Sabtu 14 Mei 2022 - Digital Signature dan Keamanan Transaksi Keuangan...
 
SMKI vs SMAP vs SMM vs SMOP v06
SMKI vs SMAP vs SMM vs SMOP v06SMKI vs SMAP vs SMM vs SMOP v06
SMKI vs SMAP vs SMM vs SMOP v06
 
Tata Kelola Informasi & Teknologi (I&T), dan Aset Informasi
Tata Kelola Informasi & Teknologi (I&T), dan Aset InformasiTata Kelola Informasi & Teknologi (I&T), dan Aset Informasi
Tata Kelola Informasi & Teknologi (I&T), dan Aset Informasi
 
Silabus el5213 internal auditing (audit internal) v021
Silabus el5213 internal auditing (audit internal) v021Silabus el5213 internal auditing (audit internal) v021
Silabus el5213 internal auditing (audit internal) v021
 
Kuliah tamu itb 11 maret 2020
Kuliah tamu itb 11 maret 2020Kuliah tamu itb 11 maret 2020
Kuliah tamu itb 11 maret 2020
 
Keamanan Informasi - batasan
Keamanan Informasi - batasanKeamanan Informasi - batasan
Keamanan Informasi - batasan
 
Buku gratifikasi dalam perspektif agama - Desember 2019 - KPK
Buku gratifikasi dalam perspektif agama - Desember 2019 - KPKBuku gratifikasi dalam perspektif agama - Desember 2019 - KPK
Buku gratifikasi dalam perspektif agama - Desember 2019 - KPK
 
Rancang bangun portable hacking station menggunakan raspberry pi tesis-sath...
Rancang bangun portable hacking station menggunakan raspberry pi tesis-sath...Rancang bangun portable hacking station menggunakan raspberry pi tesis-sath...
Rancang bangun portable hacking station menggunakan raspberry pi tesis-sath...
 
Sistem Tata Kelola Keamanan Informasi SPBE menggunakan COBIT 2019
Sistem Tata Kelola Keamanan Informasi SPBE menggunakan COBIT 2019 Sistem Tata Kelola Keamanan Informasi SPBE menggunakan COBIT 2019
Sistem Tata Kelola Keamanan Informasi SPBE menggunakan COBIT 2019
 
Indeks Presepsi Korupsi Indonesia 20 thn Reformasi - TII
Indeks Presepsi Korupsi Indonesia 20 thn Reformasi - TIIIndeks Presepsi Korupsi Indonesia 20 thn Reformasi - TII
Indeks Presepsi Korupsi Indonesia 20 thn Reformasi - TII
 
Materi wisuda untag 7 sep2019 won
Materi wisuda untag 7 sep2019 wonMateri wisuda untag 7 sep2019 won
Materi wisuda untag 7 sep2019 won
 
Materi caleg road show bus nganjuk - mod won
Materi caleg road show bus nganjuk - mod wonMateri caleg road show bus nganjuk - mod won
Materi caleg road show bus nganjuk - mod won
 
Antikorupsi mahasiswa
Antikorupsi mahasiswaAntikorupsi mahasiswa
Antikorupsi mahasiswa
 
Islam, pendidikan karakter & antikorupsi mod won v02
Islam, pendidikan karakter & antikorupsi mod won v02Islam, pendidikan karakter & antikorupsi mod won v02
Islam, pendidikan karakter & antikorupsi mod won v02
 
SMKI vs SMAP vs SMM vs SML v04
SMKI vs SMAP vs SMM vs SML v04SMKI vs SMAP vs SMM vs SML v04
SMKI vs SMAP vs SMM vs SML v04
 
Perguruan tinggi dan pencegahan korupsi mod won
Perguruan tinggi dan pencegahan korupsi mod wonPerguruan tinggi dan pencegahan korupsi mod won
Perguruan tinggi dan pencegahan korupsi mod won
 
Majalah Integrito, KPK, edisi 1-tahun-2019 #Pemilihan Umum 2019
Majalah Integrito, KPK, edisi 1-tahun-2019 #Pemilihan Umum 2019Majalah Integrito, KPK, edisi 1-tahun-2019 #Pemilihan Umum 2019
Majalah Integrito, KPK, edisi 1-tahun-2019 #Pemilihan Umum 2019
 

Recently uploaded

Crayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon ACrayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon AUnboundStockton
 
URLs and Routing in the Odoo 17 Website App
URLs and Routing in the Odoo 17 Website AppURLs and Routing in the Odoo 17 Website App
URLs and Routing in the Odoo 17 Website AppCeline George
 
Hybridoma Technology ( Production , Purification , and Application )
Hybridoma Technology ( Production , Purification , and Application ) Hybridoma Technology ( Production , Purification , and Application )
Hybridoma Technology ( Production , Purification , and Application ) Sakshi Ghasle
 
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17Celine George
 
Employee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxEmployee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxNirmalaLoungPoorunde1
 
Alper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentAlper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentInMediaRes1
 
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdfEnzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdfSumit Tiwari
 
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxPOINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxSayali Powar
 
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdfssuser54595a
 
_Math 4-Q4 Week 5.pptx Steps in Collecting Data
_Math 4-Q4 Week 5.pptx Steps in Collecting Data_Math 4-Q4 Week 5.pptx Steps in Collecting Data
_Math 4-Q4 Week 5.pptx Steps in Collecting DataJhengPantaleon
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfsanyamsingh5019
 
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptxContemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptxRoyAbrique
 
How to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxHow to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxmanuelaromero2013
 
Solving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxSolving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxOH TEIK BIN
 
MENTAL STATUS EXAMINATION format.docx
MENTAL STATUS EXAMINATION format.docxMENTAL STATUS EXAMINATION format.docx
MENTAL STATUS EXAMINATION format.docxPoojaSen20
 
The basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxThe basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxheathfieldcps1
 

Recently uploaded (20)

Crayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon ACrayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon A
 
URLs and Routing in the Odoo 17 Website App
URLs and Routing in the Odoo 17 Website AppURLs and Routing in the Odoo 17 Website App
URLs and Routing in the Odoo 17 Website App
 
Hybridoma Technology ( Production , Purification , and Application )
Hybridoma Technology ( Production , Purification , and Application ) Hybridoma Technology ( Production , Purification , and Application )
Hybridoma Technology ( Production , Purification , and Application )
 
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
 
Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1
 
Employee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxEmployee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptx
 
Alper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentAlper Gobel In Media Res Media Component
Alper Gobel In Media Res Media Component
 
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
 
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdfEnzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
 
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxPOINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
 
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
 
Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝
 
Staff of Color (SOC) Retention Efforts DDSD
Staff of Color (SOC) Retention Efforts DDSDStaff of Color (SOC) Retention Efforts DDSD
Staff of Color (SOC) Retention Efforts DDSD
 
_Math 4-Q4 Week 5.pptx Steps in Collecting Data
_Math 4-Q4 Week 5.pptx Steps in Collecting Data_Math 4-Q4 Week 5.pptx Steps in Collecting Data
_Math 4-Q4 Week 5.pptx Steps in Collecting Data
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdf
 
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptxContemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
 
How to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxHow to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptx
 
Solving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxSolving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptx
 
MENTAL STATUS EXAMINATION format.docx
MENTAL STATUS EXAMINATION format.docxMENTAL STATUS EXAMINATION format.docx
MENTAL STATUS EXAMINATION format.docx
 
The basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxThe basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptx
 

Usulan untuk wg1 dan wg2 serta kualitas data pada kaminfo 12 agustus 2015

  • 1. 1 Usulan Keamanan Informasi dan Sistem Manajemen Layanan serta Kualitas Data Sarwono Sutikno, Dr.Eng.,CISA,CISSP,CISM Anggota PT35-01 Teknologi Informasi PusTIKNas, Ciputat 12 Agustus 2015
  • 2. Current: • Cybersecurity Nexus Liaison, ISACA Indonesia Chapter • ISACA Academic Advocate at ITB • SME for Information Security Standard for ISO at ISACA HQ • Associate Professor at School of Electrical Engineering and Informatics, Institut Teknologi Bandung • Ketua WG Layanan dan Tata Kelola TI, anggota WG Keamanan Informasi serta Anggota Panitia Teknis 35-01 Program Nasional Penetapan Standar bidang Teknologi Informasi, BSN – Kominfo. Past: • Ketua Kelompok Kerja Evaluasi TIK Nasional, Dewan TIK Nasional (2007-2008) • Plt Direktur Operasi Sistem PPATK (Indonesia Financial Transaction Reports and Analysis Center, INTRAC), April 2009 – May 2011 Professional Certification: • Professional Engineering (PE), the Principles and Practice of Electrical Engineering, College of Engineering, the University of Texas at Austin. 2000 • IRCA Information Security Management System Lead Auditor Course, 2004 • ISACA Certified Information System Auditor (CISA). CISA Number: 0540859, 2005 • Brainbench Computer Forensic, 2006 • (ISC)2 Certified Information Systems Security Professional (CISSP), No: 118113, 2007 • ISACA Certified Information Security Manager (CISM). CISM Number: 0707414, 2007 Award: • (ISC)2 Asia Pacific Information Security Leadership Achievements (ISLA) 2011 award in category Senior Information Security Professional. http://isc2.org/ISLA 2 Sarwono Sutikno, Dr.Eng.,CISA,CISSP,CISM
  • 3.
  • 4.
  • 5. Presentation: KamInfo.ID5 5 KEAMANAN INFORMASI VERSIISACA Information security is a business enabler that is strictly bound to stakeholder trust, either by addressing business risk or by creating value for an enterprise, such as competitive advantage. At a time when the significance of information and related technologies is increasing in every aspect of business and public life, the need to mitigate information risk, which includes protecting information and related IT assets from ever-changing threats, is constantly intensifying. ISACA defines information security as something that: Ensures that information is readily available (availability), when required, and protected against disclosure to unauthorised users (confidentiality) and improper modification (integrity).
  • 6. Presentation: KamInfo.ID6 6 KEAMANAN INFORMASI ......... pemerintah negara Indonesia yang melindungi segenap bangsa Indonesia dan seluruh tumpah darah Indonesia dan untuk memajukan kesejahteraan umum, mencerdaskan kehidupan bangsa, dan ikut melaksanakan ketertiban dunia yang berdasarkan kemerdekaan, perdamaian abadi dan keadilan sosial........ Pemanfaatan INFORMASI sebagai darah nadi kehidupan bangsa dalam perspektif Pertumbuhan Ekonomi untuk Kesejahteraan Rakyat
  • 7. Presentation: KamInfo.ID7 7 KEAMANAN NASIONAL ......... pemerintah negara Indonesia yang melindungi segenap bangsa Indonesia dan seluruh tumpah darah Indonesia dan untuk memajukan kesejahteraan umum, mencerdaskan kehidupan bangsa, dan ikut melaksanakan ketertiban dunia yang berdasarkan kemerdekaan, perdamaian abadi dan keadilan sosial........ Pemanfaatan INFORMASI sebagai darah nadi kehidupan bangsa dalam perspektif Pertumbuhan Ekonomi untuk Kesejahteraan Rakyat
  • 8. 8
  • 9. Kategori Kontrol berbasis Risiko 9 Source: Transforming Cybersecurity: Using COBIT 5, ISACA, 2013
  • 10. Kerangka dan Standar – tinjauan SNI ISO 38500 COSO PP60/ 2008 COBIT ITIL v2 ITIL v3 SNI ISO 20000 SNI ISO 2700x SNI ISO 900x Common Criteria SNI ISO 15408 boardlevelmanagementtechnical SNI ISO 27013
  • 11. ISO/IEC JTC 1/SC 40 - IT Service Management and IT Governance ISO/IEC 20000-1:2011 SNI ISO/IEC 20000-1:2013 Teknologi Informasi - Manajemen Layanan - Bagian 1: Persyaratan sistem manajemen layanan IEEE Std 20000-1-2013 ISO/IEC 20000-2:2012 SNI ISO/IEC 20000-2:2013 Teknologi informasi - Manajemen layanan - Bagian 2: Pedoman penerapan sistem manajemen layanan IEEE Std 20000-2-2013 ISO/IEC TR 20000-3:2012 SNI ISO/IEC TR 20000-3:2013 Teknologi informasi - Manajemen layanan - Bagian 3: Pedoman pendefinisian lingkup dan kesesuaian dari SNI ISO/IEC 20000-1 ISO/IEC TR 20000-4:2010 SNI ISO/IEC TR 20000-4:2013 Teknologi informasi - Manajemen layanan - Bagian 4: Model referensi proses ISO/IEC TR 20000-5:2010 – replaced by ISO/IEC TR 20000-5:2013 SNI ISO/IEC TR 20000-5:2013 Teknologi informasi - Manajemen layanan - Bagian 5: Contoh acuan perencanaan implementasi SNI ISO/IEC 20000-1 ISO/IEC TR 20000-9:2015 Information technology -- Service management -- Part 9: Guidance on the application of ISO/IEC 20000-1 to cloud services ISO/IEC TR 20000-10:2013 Information technology -- Service management -- Part 10: Concepts and terminology ISO/IEC 30121:2015 Information technology -- Governance of digital forensic risk framework ISO/IEC 38500:2015 Information technology -- Governance of IT for the organization ISO/IEC TS 38501:2015 Information technology -- Governance of IT -- Implementation guide ISO/IEC TR 38502:2014 Information technology -- Governance of IT -- Framework and model 11
  • 12. Customers (and other interested parties) Service Requirements Services Customers (and other interested parties) 5. Design and transition of new or changed services 8. Resolution processes 7. Relationship processes 8.1 Incident and service request management 8.2 Problem management 7.1 Business relationship management 7.2 Supplier management 6. Service delivery processes 6.5 Capacity management 6.3 Service continuity & availability management 6.1 Service level management 6.2 Service reporting 6.6 Information security management 6.4 Budgeting & accounting for services 4.1 Management responsibility 4.2 Governance of processes operated by other parties 4.5 Establish the SMS 4.3 Documentation management 4.4 Resource management 4. Service Management System (SMS) 9. Control processes 9.1 Configuration management 9.2 Change management 9.3 Release and deployment management
  • 13. Usulan pengganti seri SNI ISO 15504 Information technology -- Process assessment ISO/IEC 33001:2015 Information technology -- Process assessment -- Concepts and terminology 60.60 35.080 ISO/IEC 33002:2015 Information technology -- Process assessment -- Requirements for performing process assessment 60.60 35.080 ISO/IEC 33003:2015 Information technology -- Process assessment -- Requirements for process measurement frameworks 60.60 35.080 ISO/IEC 33004:2015 Information technology -- Process assessment -- Requirements for process reference, process assessment and maturity models 60.60 35.080 ISO/IEC TR 33014:2013 Information technology -- Process assessment -- Guide for process improvement 60.60 35.080 ISO/IEC NP 33016 Information technology -- Process assessment -- Process assessment body of knowledge 10.99 ISO/IEC 33020:2015 Information technology -- Process assessment -- Process measurement framework for assessment of process capability 60.60 35.080 ISO/IEC CD 33050-4 Information technology -- Process assessment -- Part 4: A process reference model for information security management 30.20 35.080 ISO/IEC FDIS 33063 Information technology -- Process assessment -- Process assessment model for software testing 50.00 35.080 ISO/IEC CD 33070-4 Information technology -- Process assessment -- Part 4: A process assessment model for information security management 13
  • 14. 14
  • 15. Month 200X Page 15 Process assessment  Action plan •Assessment of the audited processes and Actions plan to reach level . •Extend assessment througth the overall organisation to be able to compare same referential with same objectives and continuity of processes Lvl 5 : Value Lvl 4 : Service Lvl 3 : Proactiv Lvl 2 : Reactiv Lvl 1 : Chaos Incident Management Change Management Problem Management Service Level Management Service Desk Problem Management Implementation Knowledge Improvement Communications Process RFC Process OLAs Implementation Catalogues of Services Improvement
  • 16. Trying to Run Before Walking Reactive Proactive  Analyze trends  Set thresholds  Predict problems  Measure appli- cation availability  Automate  Mature problem, configuration, change, asset and performance mgt processes  Fight fires  Inventory  Desktop SW distribution  Initiate problem mgt process  Alert and event mgt  Measure component availability (up/down)  IT as a service provider  Define services, classes, pricing  Understand costs  Guarantee SLAs  Measure & report service availability  Integrate processes  Capacity mgt Service Value  IT as strategic business partner  IT and business metric linkage  IT/business collaboration improves business process  Real-time infrastructure  Business planning Level 2 Level 3 Level 4 Chaotic  Ad hoc  Undocumented  Unpredictable  Multiple help desks  Minimal IT operations  User call notification Level 1 Tool Leverage Manage IT as a Business Service Delivery Process Engineering Operational Process Engineering Service and Account Management Level 5
  • 17. Usulan seri SNI ISO 27k Information technology – Security technique (1/2) ISO/IEC 27000:2014 Information technology -- Security techniques -- Information security management systems -- Overview and vocabulary ISO/IEC 27001:2013 Information technology -- Security techniques -- Information security management systems -- Requirements 60.6035.040 ISO/IEC 27001:2013/Cor 1:2014 60.60 35.040 ISO/IEC 27002:2013 Information technology -- Security techniques -- Code of practice for information security controls 60.6035.040 ISO/IEC 27002:2013/Cor 1:2014 60.60 35.040 ISO/IEC 27003:2010 Information technology -- Security techniques -- Information security management system implementation guidance 90.9235.040 ISO/IEC 27004:2009 Information technology -- Security techniques -- Information security management -- Measurement 90.9235.040 ISO/IEC 27005:2011 Information technology -- Security techniques -- Information security risk management 90.9235.040 ISO/IEC 27006:2011 Information technology -- Security techniques -- Requirements for bodies providing audit and certification of information security management systems ISO/IEC 27007:2011 Information technology -- Security techniques -- Guidelines for information security management systems auditing 90.9235.040 ISO/IEC TR 27008:2011 Information technology -- Security techniques -- Guidelines for auditors on information security controls 90.9235.040 ISO/IEC 27010:2012 Information technology -- Security techniques -- Information security management for inter-sector and inter-organizational communications 90.9235.040 ISO/IEC 27011:2008 Information technology -- Security techniques -- Information security management guidelines for telecommunications organizations based on ISO/IEC 27002 ISO/IEC 27013:2012 Information technology -- Security techniques -- Guidance on the integrated implementation of ISO/IEC 27001 and ISO/IEC 20000-1 ISO/IEC 27014:2013 Information technology -- Security techniques -- Governance of information security 60.6035.040 ISO/IEC TR 27015:2012 Information technology -- Security techniques -- Information security management guidelines for financial services 60.6003.060 35.040 ISO/IEC TR 27016:2014 Information technology -- Security techniques -- Information security management -- Organizational economics 60.6035.040 17
  • 18. Usulan seri SNI ISO 27k Information technology – Security technique (2/2) ISO/IEC 27018:2014 Information technology -- Security techniques -- Code of practice for protection of personally identifiable information (PII) in public clouds acting as PII processors 60.60 35.040 ISO/IEC TR 27019:2013 Information technology -- Security techniques -- Information security management guidelines based on ISO/IEC 27002 for process control systems specific to the energy utility industry 90.92 35.040 35.240.99 ISO/IEC 27031:2011 Information technology -- Security techniques -- Guidelines for information and communication technology readiness for business continuity 60.60 35.040 ISO/IEC 27032:2012 Information technology -- Security techniques -- Guidelines for cybersecurity 60.60 35.040 ISO/IEC 27033-1:2009 Information technology -- Security techniques -- Network security -- Part 1: Overview and concepts 90.92 35.040 ISO/IEC 27033-2:2012 Information technology -- Security techniques -- Network security -- Part 2: Guidelines for the design and implementation of network security 60.60 35.040 ISO/IEC 27033-3:2010 Information technology -- Security techniques -- Network security -- Part 3: Reference networking scenarios -- Threats, design techniques and control issues 90.93 35.040 ISO/IEC 27033-4:2014 Information technology -- Security techniques -- Network security -- Part 4: Securing communications between networks using security gateways 60.60 35.040 ISO/IEC 27033-5:2013 Information technology -- Security techniques -- Network security -- Part 5: Securing communications across networks using Virtual Private Networks (VPNs) 60.60 35.040 ISO/IEC 27034-1:2011 Information technology -- Security techniques -- Application security -- Part 1: Overview and concepts 60.60 35.040 ISO/IEC 27034-1:2011/Cor 1:2014 60.60 35.040 ISO/IEC 27035:2011 Information technology -- Security techniques -- Information security incident management ISO/IEC 27036-1:2014 Information technology -- Security techniques -- Information security for supplier relationships -- Part 1: Overview and concepts 60.60 35.040 ISO/IEC 27036-2:2014 Information technology -- Security techniques -- Information security for supplier relationships -- Part 2: Requirements 60.60 35.040 ISO/IEC 27036-3:2013 Information technology -- Security techniques -- Information security for supplier relationships -- Part 3: Guidelines for information and communication technology supply chain security ISO/IEC 27037:2012 Information technology -- Security techniques -- Guidelines for identification, collection, acquisition and preservation of digital evidence 60.60 35.040 ISO/IEC 27038:2014 Information technology -- Security techniques -- Specification for digital redaction ISO/IEC 27039:2015 Information technology -- Security techniques -- Selection, deployment and operations of intrusion detection systems (IDPS) 60.60 35.040 ISO/IEC 27040:2015 Information technology -- Security techniques -- Storage security 60.60 35.040 ISO/IEC 27043:2015 Information technology -- Security techniques -- Incident investigation principles and processes 60.60 35.040 18
  • 21. Usulan dari ISO/TC 184/SC 4 - Industrial data Page 21 1. ISO/TS 8000-1:2011, Data quality — Part 1: Overview 2. ISO 8000-2:2012, Data quality — Part 2: Vocabulary 3. ISO/TS 8000-100:2009, Data quality — Part 100: Master data: Exchange of characteristic data: Overview 4. ISO 8000-102:2009, Data quality — Part 102: Master data: Exchange of characteristic data: Vocabulary 5. ISO 8000-110:2009, Data quality — Part 110: Master data: Exchange of characteristic data: Syntax, semantic encoding, and conformance to data specification 6. ISO/TS 8000-120:2009, Data quality — Part 120: Master data: Exchange of characteristic data: Provenance 7. ISO/TS 8000-130:2009, Data quality — Part 130: Master data: Exchange of characteristic data: Accuracy 8. ISO/TS 8000-140:2009, Data quality — Part 140: Master data: Exchange of characteristic data: Completeness 9. ISO/TS 8000-150:2011, Data quality — Part 150: Master data: Quality management framework
  • 22. Seri ISO 8000 Data Quality Page 22 ISO 8000 ontology Part 1 : Scope , Justification and principles Part 3 Taxonomy : ISO 8000 parts & other standards relationships Part 8 Information and Data Quality Measuring Part 9 Information data quality relationship with other standards Part 20 Data Quality: Provenance Part 30 Data Quality Accuracy Part 40 Data Quality Completeness Part 50 Data Quality management framework Part 60 Information & Data Quality Process Assessment Part 100 Master data: Exchange of characteristic data: Overview Part 10 Data Quality Syntax, semantic encoding, and conformance to data specification Part 120 Master data: Exchange of characteristic data: Provenance Part 130 Master data: Exchange of characteristic data: Accuracy Part 140 Master data: Exchange of characteristic data: Completeness Part 150 Master Data Quality management framework Part 311 Guidance for the application of PDQ-S Part 2 Vocabulary Characteristics or Data quality dimensions RequirementsSyntax SemanticsPragmatics Measurements methods Management methods Introduction Vocab. / Onto General concepts & definitions Specialized concepts & definitions Management framework Usage guides Part 110 Master data: Exchange of characteristic data: Overview