Information, Security, Risk, Control,
Control Objectives and Change
STSN Graduation Ceremony, Ciseeng, Bogor
10 November 2015
Sarwono Sutikno, Dr.Eng.,CISA,CISSP,CISM
School of Electrical Engineering and Informatics
Institut Teknologi Bandung
Sarwono Sutikno, Dr.Eng.,CISA,CISSP,CISM
Current:
• Cybersecurity Nexus Liaison, ISACA Indonesia Chapter
• ISACA Academic Advocate at ITB
• SME for Information Security Standard for ISO at ISACA HQ
• Associate Professor at School of Electrical Engineering and Informatics, Institut Teknologi Bandung
• Chair of the WG on IT Services and Governance, member of the WG on Information Security, and member of Technical Committee 35-01,
National Program for Standards Setting in Information Technology, BSN–Kominfo.
• Lead Assessor, SNI ISO/IEC 27001:2013 Certification Body, KAN
Past:
• Chair of the National ICT Evaluation Working Group, National ICT Council (Dewan TIK Nasional) (2007-2008)
• Acting Director of System Operations, PPATK (Indonesia Financial Transaction Reports and Analysis Center, INTRAC),
April 2009 – May 2011
Professional Certification:
• Professional Engineering (PE), the Principles and Practice of Electrical Engineering, College of Engineering,
the University of Texas at Austin. 2000
• IRCA Information Security Management System Lead Auditor Course, 2004
• ISACA Certified Information System Auditor (CISA). CISA Number: 0540859, 2005
• Brainbench Computer Forensic, 2006
• (ISC)2 Certified Information Systems Security Professional (CISSP), No: 118113, 2007
• ISACA Certified Information Security Manager (CISM). CISM Number: 0707414, 2007
Award:
• (ISC)2 Asia Pacific Information Security Leadership Achievements (ISLA) 2011 award in category Senior
Information Security Professional. http://isc2.org/ISLA
Bloom
• Evaluation
• Analysis
• Synthesis
• Application
• Comprehension
• Knowledge
Revised Bloom
• Create
• Evaluate
• Analyze
• Apply
• Understand
• Remember
Topics
• Information and Security
• Risk, Control, Control Objectives
• Change
• Independence
Governance Objective: Value Creation
ISACA defines information security as something that:
Ensures that information is readily available (availability),
when required, and protected against disclosure to
unauthorised users (confidentiality) and improper
modification (integrity).
Information security according to ISACA
Information security is a business enabler that is strictly bound to
stakeholder trust, either by addressing business risk or by creating
value for an enterprise, such as competitive advantage.
At a time when the significance of information and related technologies
is increasing in every aspect of business and public life, the need to
mitigate information risk, which includes protecting information and
related IT assets from ever-changing threats, is constantly intensifying.
Information security
......... a government of the state of Indonesia that shall protect
the whole Indonesian nation and the entire homeland of
Indonesia, and to advance the general welfare,
to educate the life of the nation,
and to participate in the establishment of a world order
based on freedom, lasting peace and
social justice........
The use of INFORMATION as the lifeblood of the nation,
from the perspective of Economic Growth
for the People's Welfare
National security
......... a government of the state of Indonesia that shall protect
the whole Indonesian nation and the entire homeland of
Indonesia, and to advance the general welfare,
to educate the life of the nation,
and to participate in the establishment of a world order
based on freedom, lasting peace and
social justice........
The use of INFORMATION as the lifeblood of the nation,
from the perspective of Economic Growth
for the People's Welfare
Risk >< Control
PP 60/2008 Government Internal Control System (Sistem Pengendalian Intern Pemerintah)
• Article 3 (1) a. control environment (Internal Control Environment)
• Article 3 (1) b. risk assessment (Internal Control Risk Assessment)
• Article 3 (1) c. control activities (Internal Control Activities)
• Article 3 (1) d. information and communication (Information and Communication Internal Control)
• Article 3 (1) e. internal control monitoring (Internal Control Monitoring)
Diagram labels: Agency main duties and functions (Tupoksi); Business processes, SOPs, etc.; Laws and regulations
Risk based categorization Control
Three lines of defence
Principles of SNI ISO/IEC 31000
a. Risk management creates and protects value
b. Risk management is an integral part of all organizational processes
c. Risk management is part of decision making
d. Risk management explicitly addresses uncertainty
e. Risk management is systematic, structured and timely
f. Risk management is based on the best available information
g. Risk management is tailored
h. Risk management takes human and cultural factors into account
i. Risk management is transparent and inclusive.
j. Risk management is dynamic, iterative and responsive to change
k. Risk management facilitates continual improvement of the
organization
4 Context of the organization
• 4.1 Understanding the organization and its context
• 4.2 Understanding the needs and expectations of interested parties
• 4.3 Determining the scope of the information security management system
• 4.4 Information security
5 Leadership
• 5.1 Leadership and commitment
• 5.2 Policy
6 Planning
• 6.1 Actions to address risks and opportunities
• 6.2 Information security objectives and plans to achieve them
7 Support
• 7.1 Resources
• 7.2 Competence
• 7.3 Awareness
• 7.4 Communicat
8 Operation
• 8.1 Operational planning and control
• 8.2 Information security risk assessment
• 8.3 Information security risk treatment
9 Performance evaluation
• 9.1 Monitoring, measurement, analysis and evaluation
• 9.2 Internal audit
• 9.3 Management review
10 Improvement
• 10.1 Nonconformity and corrective action
• 10.2 Continual improvement
MSS series: ISO 9000, 27000, 14000, 20000 (?)
SNI ISO/IEC 27000 series: ISMS (SMKI)
Relationships between Frameworks
• COBIT 5
• General Guidelines for National ICT Governance (Panduan Umum Tata Kelola TIK Nasional) + ICT Internal Control Evaluation Questionnaire
• Internal Control Framework COSO
• SNI ISO 38500
• PP60/2008 Government Internal Control System
• SNI ISO 27001
• SNI ISO 20000
Diagram layers: Governance, IT Governance, IT Management
Relationships between Security Frameworks
• COBIT 5
• General Guidelines for National ICT Governance (Panduan Umum Tata Kelola TIK Nasional) + ICT Internal Control Evaluation Questionnaire
• Internal Control Framework COSO
• SNI ISO 38500
• PP60/2008 Government Internal Control System
• SNI ISO 20000
• RSNI ISO 27013
• SNI ISO 27014 Governance of Information Security
• SNI ISO 15408 Common Criteria
• SNI ISO 27001 Information Security Management System
Diagram layers: Governance, Management, Devices
Evaluation Assurance Levels (EAL)
1. Functionally tested
2. Structurally tested
3. Methodically tested and checked
4. Methodically designed, tested, and reviewed
5. Semi-formally designed and tested
6. Semi-formally verified design and tested
7. Formally verified design and tested
Changes in SNI ISO/IEC 27001:2013
• Context of the organization: The organization's environment
• Issues, risks and opportunities: A change from being preventive only
• Interested parties: A change from "stakeholder"
• Leadership: Requirements for top management
• Communication: In line with PP60/2008 SPIP Article 3 paragraph 1 letter d
• Information security objectives: Every level and function must have information security objectives
• Risk assessment: Identifying assets, threats and vulnerabilities is no longer a requirement for identifying information security risks
• Risk owner: Replaces asset owner
• Risk treatment plan: The effectiveness of the risk treatment plan is more important than the effectiveness of controls
• Controls: Controls are determined in the risk treatment process, no longer selected from Annex A of SNI ISO/IEC 27001
• Documented information: Replaces documents and records
• Performance evaluation: Includes measurement of the ISMS and of the effectiveness of the risk treatment plan
• Continual improvement: Methods other than PDCA may be used
Imam Santosa © LPPM ITB 2011
Thank You
INSTITUT TEKNOLOGI BANDUNG
A Critical Analysis Of Information Security -A Case Study Of Cognizant Techno...
 
ISO 27001
ISO 27001ISO 27001
ISO 27001
 
Fissea09 mgupta-day3-panel process-program-build-effective-training
Fissea09 mgupta-day3-panel process-program-build-effective-trainingFissea09 mgupta-day3-panel process-program-build-effective-training
Fissea09 mgupta-day3-panel process-program-build-effective-training
 

More from Sarwono Sutikno, Dr.Eng.,CISA,CISSP,CISM,CSX-F

TataKelola dan KamSiber Kecerdasan Buatan v022.pdf
TataKelola dan KamSiber Kecerdasan Buatan v022.pdfTataKelola dan KamSiber Kecerdasan Buatan v022.pdf
TataKelola dan KamSiber Kecerdasan Buatan v022.pdf
Sarwono Sutikno, Dr.Eng.,CISA,CISSP,CISM,CSX-F
 
Keamanan Data Digital - SPI ITB - Rabu 3 Agustus 2022 -v2.pdf
Keamanan Data Digital - SPI ITB - Rabu 3 Agustus 2022 -v2.pdfKeamanan Data Digital - SPI ITB - Rabu 3 Agustus 2022 -v2.pdf
Keamanan Data Digital - SPI ITB - Rabu 3 Agustus 2022 -v2.pdf
Sarwono Sutikno, Dr.Eng.,CISA,CISSP,CISM,CSX-F
 
Webinar Sabtu 14 Mei 2022 - Digital Signature dan Keamanan Transaksi Keuangan...
Webinar Sabtu 14 Mei 2022 - Digital Signature dan Keamanan Transaksi Keuangan...Webinar Sabtu 14 Mei 2022 - Digital Signature dan Keamanan Transaksi Keuangan...
Webinar Sabtu 14 Mei 2022 - Digital Signature dan Keamanan Transaksi Keuangan...
Sarwono Sutikno, Dr.Eng.,CISA,CISSP,CISM,CSX-F
 
SMKI vs SMAP vs SMM vs SMOP v06
SMKI vs SMAP vs SMM vs SMOP v06SMKI vs SMAP vs SMM vs SMOP v06
SMKI vs SMAP vs SMM vs SMOP v06
Sarwono Sutikno, Dr.Eng.,CISA,CISSP,CISM,CSX-F
 
Tata Kelola Informasi & Teknologi (I&T), dan Aset Informasi
Tata Kelola Informasi & Teknologi (I&T), dan Aset InformasiTata Kelola Informasi & Teknologi (I&T), dan Aset Informasi
Tata Kelola Informasi & Teknologi (I&T), dan Aset Informasi
Sarwono Sutikno, Dr.Eng.,CISA,CISSP,CISM,CSX-F
 
Silabus el5213 internal auditing (audit internal) v021
Silabus el5213 internal auditing (audit internal) v021Silabus el5213 internal auditing (audit internal) v021
Silabus el5213 internal auditing (audit internal) v021
Sarwono Sutikno, Dr.Eng.,CISA,CISSP,CISM,CSX-F
 
Kuliah tamu itb 11 maret 2020
Kuliah tamu itb 11 maret 2020Kuliah tamu itb 11 maret 2020
Kuliah tamu itb 11 maret 2020
Sarwono Sutikno, Dr.Eng.,CISA,CISSP,CISM,CSX-F
 
Keamanan Informasi - batasan
Keamanan Informasi - batasanKeamanan Informasi - batasan
Buku gratifikasi dalam perspektif agama - Desember 2019 - KPK
Buku gratifikasi dalam perspektif agama - Desember 2019 - KPKBuku gratifikasi dalam perspektif agama - Desember 2019 - KPK
Buku gratifikasi dalam perspektif agama - Desember 2019 - KPK
Sarwono Sutikno, Dr.Eng.,CISA,CISSP,CISM,CSX-F
 
Rancang bangun portable hacking station menggunakan raspberry pi tesis-sath...
Rancang bangun portable hacking station menggunakan raspberry pi   tesis-sath...Rancang bangun portable hacking station menggunakan raspberry pi   tesis-sath...
Rancang bangun portable hacking station menggunakan raspberry pi tesis-sath...
Sarwono Sutikno, Dr.Eng.,CISA,CISSP,CISM,CSX-F
 
Sistem Tata Kelola Keamanan Informasi SPBE menggunakan COBIT 2019
Sistem Tata Kelola Keamanan Informasi SPBE menggunakan COBIT 2019   Sistem Tata Kelola Keamanan Informasi SPBE menggunakan COBIT 2019
Sistem Tata Kelola Keamanan Informasi SPBE menggunakan COBIT 2019
Sarwono Sutikno, Dr.Eng.,CISA,CISSP,CISM,CSX-F
 
Indeks Presepsi Korupsi Indonesia 20 thn Reformasi - TII
Indeks Presepsi Korupsi Indonesia 20 thn Reformasi - TIIIndeks Presepsi Korupsi Indonesia 20 thn Reformasi - TII
Indeks Presepsi Korupsi Indonesia 20 thn Reformasi - TII
Sarwono Sutikno, Dr.Eng.,CISA,CISSP,CISM,CSX-F
 
Materi wisuda untag 7 sep2019 won
Materi wisuda untag 7 sep2019   wonMateri wisuda untag 7 sep2019   won
Materi wisuda untag 7 sep2019 won
Sarwono Sutikno, Dr.Eng.,CISA,CISSP,CISM,CSX-F
 
Materi caleg road show bus nganjuk - mod won
Materi caleg road show bus  nganjuk - mod wonMateri caleg road show bus  nganjuk - mod won
Materi caleg road show bus nganjuk - mod won
Sarwono Sutikno, Dr.Eng.,CISA,CISSP,CISM,CSX-F
 
Antikorupsi mahasiswa
Antikorupsi mahasiswaAntikorupsi mahasiswa
Islam, pendidikan karakter &amp; antikorupsi mod won v02
Islam, pendidikan karakter &amp; antikorupsi mod won v02Islam, pendidikan karakter &amp; antikorupsi mod won v02
Islam, pendidikan karakter &amp; antikorupsi mod won v02
Sarwono Sutikno, Dr.Eng.,CISA,CISSP,CISM,CSX-F
 
SMKI vs SMAP vs SMM vs SML v04
SMKI vs SMAP vs SMM vs SML v04SMKI vs SMAP vs SMM vs SML v04
SMKI vs SMAP vs SMM vs SML v04
Sarwono Sutikno, Dr.Eng.,CISA,CISSP,CISM,CSX-F
 
Perguruan tinggi dan pencegahan korupsi mod won
Perguruan tinggi dan pencegahan korupsi mod wonPerguruan tinggi dan pencegahan korupsi mod won
Perguruan tinggi dan pencegahan korupsi mod won
Sarwono Sutikno, Dr.Eng.,CISA,CISSP,CISM,CSX-F
 
Majalah Integrito, KPK, edisi 1-tahun-2019 #Pemilihan Umum 2019
Majalah Integrito, KPK, edisi 1-tahun-2019 #Pemilihan Umum 2019Majalah Integrito, KPK, edisi 1-tahun-2019 #Pemilihan Umum 2019
Majalah Integrito, KPK, edisi 1-tahun-2019 #Pemilihan Umum 2019
Sarwono Sutikno, Dr.Eng.,CISA,CISSP,CISM,CSX-F
 
Pengantar tot persiapan implementasi pak di lingkungan KKP
Pengantar tot persiapan implementasi pak di lingkungan KKPPengantar tot persiapan implementasi pak di lingkungan KKP
Pengantar tot persiapan implementasi pak di lingkungan KKP
Sarwono Sutikno, Dr.Eng.,CISA,CISSP,CISM,CSX-F
 

More from Sarwono Sutikno, Dr.Eng.,CISA,CISSP,CISM,CSX-F (20)

TataKelola dan KamSiber Kecerdasan Buatan v022.pdf
TataKelola dan KamSiber Kecerdasan Buatan v022.pdfTataKelola dan KamSiber Kecerdasan Buatan v022.pdf
TataKelola dan KamSiber Kecerdasan Buatan v022.pdf
 
Keamanan Data Digital - SPI ITB - Rabu 3 Agustus 2022 -v2.pdf
Keamanan Data Digital - SPI ITB - Rabu 3 Agustus 2022 -v2.pdfKeamanan Data Digital - SPI ITB - Rabu 3 Agustus 2022 -v2.pdf
Keamanan Data Digital - SPI ITB - Rabu 3 Agustus 2022 -v2.pdf
 
Webinar Sabtu 14 Mei 2022 - Digital Signature dan Keamanan Transaksi Keuangan...
Webinar Sabtu 14 Mei 2022 - Digital Signature dan Keamanan Transaksi Keuangan...Webinar Sabtu 14 Mei 2022 - Digital Signature dan Keamanan Transaksi Keuangan...
Webinar Sabtu 14 Mei 2022 - Digital Signature dan Keamanan Transaksi Keuangan...
 
SMKI vs SMAP vs SMM vs SMOP v06
SMKI vs SMAP vs SMM vs SMOP v06SMKI vs SMAP vs SMM vs SMOP v06
SMKI vs SMAP vs SMM vs SMOP v06
 
Tata Kelola Informasi & Teknologi (I&T), dan Aset Informasi
Tata Kelola Informasi & Teknologi (I&T), dan Aset InformasiTata Kelola Informasi & Teknologi (I&T), dan Aset Informasi
Tata Kelola Informasi & Teknologi (I&T), dan Aset Informasi
 
Silabus el5213 internal auditing (audit internal) v021
Silabus el5213 internal auditing (audit internal) v021Silabus el5213 internal auditing (audit internal) v021
Silabus el5213 internal auditing (audit internal) v021
 
Kuliah tamu itb 11 maret 2020
Kuliah tamu itb 11 maret 2020Kuliah tamu itb 11 maret 2020
Kuliah tamu itb 11 maret 2020
 
Keamanan Informasi - batasan
Keamanan Informasi - batasanKeamanan Informasi - batasan
Keamanan Informasi - batasan
 
Buku gratifikasi dalam perspektif agama - Desember 2019 - KPK
Buku gratifikasi dalam perspektif agama - Desember 2019 - KPKBuku gratifikasi dalam perspektif agama - Desember 2019 - KPK
Buku gratifikasi dalam perspektif agama - Desember 2019 - KPK
 
Rancang bangun portable hacking station menggunakan raspberry pi tesis-sath...
Rancang bangun portable hacking station menggunakan raspberry pi   tesis-sath...Rancang bangun portable hacking station menggunakan raspberry pi   tesis-sath...
Rancang bangun portable hacking station menggunakan raspberry pi tesis-sath...
 
Sistem Tata Kelola Keamanan Informasi SPBE menggunakan COBIT 2019
Sistem Tata Kelola Keamanan Informasi SPBE menggunakan COBIT 2019   Sistem Tata Kelola Keamanan Informasi SPBE menggunakan COBIT 2019
Sistem Tata Kelola Keamanan Informasi SPBE menggunakan COBIT 2019
 
Indeks Presepsi Korupsi Indonesia 20 thn Reformasi - TII
Indeks Presepsi Korupsi Indonesia 20 thn Reformasi - TIIIndeks Presepsi Korupsi Indonesia 20 thn Reformasi - TII
Indeks Presepsi Korupsi Indonesia 20 thn Reformasi - TII
 
Materi wisuda untag 7 sep2019 won
Materi wisuda untag 7 sep2019   wonMateri wisuda untag 7 sep2019   won
Materi wisuda untag 7 sep2019 won
 
Materi caleg road show bus nganjuk - mod won
Materi caleg road show bus  nganjuk - mod wonMateri caleg road show bus  nganjuk - mod won
Materi caleg road show bus nganjuk - mod won
 
Antikorupsi mahasiswa
Antikorupsi mahasiswaAntikorupsi mahasiswa
Antikorupsi mahasiswa
 
Islam, pendidikan karakter &amp; antikorupsi mod won v02
Islam, pendidikan karakter &amp; antikorupsi mod won v02Islam, pendidikan karakter &amp; antikorupsi mod won v02
Islam, pendidikan karakter &amp; antikorupsi mod won v02
 
SMKI vs SMAP vs SMM vs SML v04
SMKI vs SMAP vs SMM vs SML v04SMKI vs SMAP vs SMM vs SML v04
SMKI vs SMAP vs SMM vs SML v04
 
Perguruan tinggi dan pencegahan korupsi mod won
Perguruan tinggi dan pencegahan korupsi mod wonPerguruan tinggi dan pencegahan korupsi mod won
Perguruan tinggi dan pencegahan korupsi mod won
 
Majalah Integrito, KPK, edisi 1-tahun-2019 #Pemilihan Umum 2019
Majalah Integrito, KPK, edisi 1-tahun-2019 #Pemilihan Umum 2019Majalah Integrito, KPK, edisi 1-tahun-2019 #Pemilihan Umum 2019
Majalah Integrito, KPK, edisi 1-tahun-2019 #Pemilihan Umum 2019
 
Pengantar tot persiapan implementasi pak di lingkungan KKP
Pengantar tot persiapan implementasi pak di lingkungan KKPPengantar tot persiapan implementasi pak di lingkungan KKP
Pengantar tot persiapan implementasi pak di lingkungan KKP
 

Recently uploaded

Digital Artifact 1 - 10VCD Environments Unit
Digital Artifact 1 - 10VCD Environments UnitDigital Artifact 1 - 10VCD Environments Unit
Digital Artifact 1 - 10VCD Environments Unit
chanes7
 
Executive Directors Chat Leveraging AI for Diversity, Equity, and Inclusion
Executive Directors Chat  Leveraging AI for Diversity, Equity, and InclusionExecutive Directors Chat  Leveraging AI for Diversity, Equity, and Inclusion
Executive Directors Chat Leveraging AI for Diversity, Equity, and Inclusion
TechSoup
 
How libraries can support authors with open access requirements for UKRI fund...
How libraries can support authors with open access requirements for UKRI fund...How libraries can support authors with open access requirements for UKRI fund...
How libraries can support authors with open access requirements for UKRI fund...
Jisc
 
JEE1_This_section_contains_FOUR_ questions
JEE1_This_section_contains_FOUR_ questionsJEE1_This_section_contains_FOUR_ questions
JEE1_This_section_contains_FOUR_ questions
ShivajiThube2
 
How to Make a Field invisible in Odoo 17
How to Make a Field invisible in Odoo 17How to Make a Field invisible in Odoo 17
How to Make a Field invisible in Odoo 17
Celine George
 
The Challenger.pdf DNHS Official Publication
The Challenger.pdf DNHS Official PublicationThe Challenger.pdf DNHS Official Publication
The Challenger.pdf DNHS Official Publication
Delapenabediema
 
Pride Month Slides 2024 David Douglas School District
Pride Month Slides 2024 David Douglas School DistrictPride Month Slides 2024 David Douglas School District
Pride Month Slides 2024 David Douglas School District
David Douglas School District
 
The Diamonds of 2023-2024 in the IGRA collection
The Diamonds of 2023-2024 in the IGRA collectionThe Diamonds of 2023-2024 in the IGRA collection
The Diamonds of 2023-2024 in the IGRA collection
Israel Genealogy Research Association
 
South African Journal of Science: Writing with integrity workshop (2024)
South African Journal of Science: Writing with integrity workshop (2024)South African Journal of Science: Writing with integrity workshop (2024)
South African Journal of Science: Writing with integrity workshop (2024)
Academy of Science of South Africa
 
Lapbook sobre os Regimes Totalitários.pdf
Lapbook sobre os Regimes Totalitários.pdfLapbook sobre os Regimes Totalitários.pdf
Lapbook sobre os Regimes Totalitários.pdf
Jean Carlos Nunes Paixão
 
Azure Interview Questions and Answers PDF By ScholarHat
Azure Interview Questions and Answers PDF By ScholarHatAzure Interview Questions and Answers PDF By ScholarHat
Azure Interview Questions and Answers PDF By ScholarHat
Scholarhat
 
Mule 4.6 & Java 17 Upgrade | MuleSoft Mysore Meetup #46
Mule 4.6 & Java 17 Upgrade | MuleSoft Mysore Meetup #46Mule 4.6 & Java 17 Upgrade | MuleSoft Mysore Meetup #46
Mule 4.6 & Java 17 Upgrade | MuleSoft Mysore Meetup #46
MysoreMuleSoftMeetup
 
Unit 2- Research Aptitude (UGC NET Paper I).pdf
Unit 2- Research Aptitude (UGC NET Paper I).pdfUnit 2- Research Aptitude (UGC NET Paper I).pdf
Unit 2- Research Aptitude (UGC NET Paper I).pdf
Thiyagu K
 
Introduction to AI for Nonprofits with Tapp Network
Introduction to AI for Nonprofits with Tapp NetworkIntroduction to AI for Nonprofits with Tapp Network
Introduction to AI for Nonprofits with Tapp Network
TechSoup
 
The Diamond Necklace by Guy De Maupassant.pptx
The Diamond Necklace by Guy De Maupassant.pptxThe Diamond Necklace by Guy De Maupassant.pptx
The Diamond Necklace by Guy De Maupassant.pptx
DhatriParmar
 
MASS MEDIA STUDIES-835-CLASS XI Resource Material.pdf
MASS MEDIA STUDIES-835-CLASS XI Resource Material.pdfMASS MEDIA STUDIES-835-CLASS XI Resource Material.pdf
MASS MEDIA STUDIES-835-CLASS XI Resource Material.pdf
goswamiyash170123
 
Francesca Gottschalk - How can education support child empowerment.pptx
Francesca Gottschalk - How can education support child empowerment.pptxFrancesca Gottschalk - How can education support child empowerment.pptx
Francesca Gottschalk - How can education support child empowerment.pptx
EduSkills OECD
 
STRAND 3 HYGIENIC PRACTICES.pptx GRADE 7 CBC
STRAND 3 HYGIENIC PRACTICES.pptx GRADE 7 CBCSTRAND 3 HYGIENIC PRACTICES.pptx GRADE 7 CBC
STRAND 3 HYGIENIC PRACTICES.pptx GRADE 7 CBC
kimdan468
 
Natural birth techniques - Mrs.Akanksha Trivedi Rama University
Natural birth techniques - Mrs.Akanksha Trivedi Rama UniversityNatural birth techniques - Mrs.Akanksha Trivedi Rama University
Natural birth techniques - Mrs.Akanksha Trivedi Rama University
Akanksha trivedi rama nursing college kanpur.
 
Multithreading_in_C++ - std::thread, race condition
Multithreading_in_C++ - std::thread, race conditionMultithreading_in_C++ - std::thread, race condition
Multithreading_in_C++ - std::thread, race condition
Mohammed Sikander
 

Recently uploaded (20)

Digital Artifact 1 - 10VCD Environments Unit
Digital Artifact 1 - 10VCD Environments UnitDigital Artifact 1 - 10VCD Environments Unit
Digital Artifact 1 - 10VCD Environments Unit
 
Executive Directors Chat Leveraging AI for Diversity, Equity, and Inclusion
Executive Directors Chat  Leveraging AI for Diversity, Equity, and InclusionExecutive Directors Chat  Leveraging AI for Diversity, Equity, and Inclusion
Executive Directors Chat Leveraging AI for Diversity, Equity, and Inclusion
 
How libraries can support authors with open access requirements for UKRI fund...
How libraries can support authors with open access requirements for UKRI fund...How libraries can support authors with open access requirements for UKRI fund...
How libraries can support authors with open access requirements for UKRI fund...
 
JEE1_This_section_contains_FOUR_ questions
JEE1_This_section_contains_FOUR_ questionsJEE1_This_section_contains_FOUR_ questions
JEE1_This_section_contains_FOUR_ questions
 
How to Make a Field invisible in Odoo 17
How to Make a Field invisible in Odoo 17How to Make a Field invisible in Odoo 17
How to Make a Field invisible in Odoo 17
 
The Challenger.pdf DNHS Official Publication
The Challenger.pdf DNHS Official PublicationThe Challenger.pdf DNHS Official Publication
The Challenger.pdf DNHS Official Publication
 
Pride Month Slides 2024 David Douglas School District
Pride Month Slides 2024 David Douglas School DistrictPride Month Slides 2024 David Douglas School District
Pride Month Slides 2024 David Douglas School District
 
The Diamonds of 2023-2024 in the IGRA collection
The Diamonds of 2023-2024 in the IGRA collectionThe Diamonds of 2023-2024 in the IGRA collection
The Diamonds of 2023-2024 in the IGRA collection
 
South African Journal of Science: Writing with integrity workshop (2024)
South African Journal of Science: Writing with integrity workshop (2024)South African Journal of Science: Writing with integrity workshop (2024)
South African Journal of Science: Writing with integrity workshop (2024)
 
Lapbook sobre os Regimes Totalitários.pdf
Lapbook sobre os Regimes Totalitários.pdfLapbook sobre os Regimes Totalitários.pdf
Lapbook sobre os Regimes Totalitários.pdf
 
Azure Interview Questions and Answers PDF By ScholarHat
Azure Interview Questions and Answers PDF By ScholarHatAzure Interview Questions and Answers PDF By ScholarHat
Azure Interview Questions and Answers PDF By ScholarHat
 
Mule 4.6 & Java 17 Upgrade | MuleSoft Mysore Meetup #46
Mule 4.6 & Java 17 Upgrade | MuleSoft Mysore Meetup #46Mule 4.6 & Java 17 Upgrade | MuleSoft Mysore Meetup #46
Mule 4.6 & Java 17 Upgrade | MuleSoft Mysore Meetup #46
 
Unit 2- Research Aptitude (UGC NET Paper I).pdf
Unit 2- Research Aptitude (UGC NET Paper I).pdfUnit 2- Research Aptitude (UGC NET Paper I).pdf
Unit 2- Research Aptitude (UGC NET Paper I).pdf
 
Introduction to AI for Nonprofits with Tapp Network
Introduction to AI for Nonprofits with Tapp NetworkIntroduction to AI for Nonprofits with Tapp Network
Introduction to AI for Nonprofits with Tapp Network
 
The Diamond Necklace by Guy De Maupassant.pptx
The Diamond Necklace by Guy De Maupassant.pptxThe Diamond Necklace by Guy De Maupassant.pptx
The Diamond Necklace by Guy De Maupassant.pptx
 
MASS MEDIA STUDIES-835-CLASS XI Resource Material.pdf
MASS MEDIA STUDIES-835-CLASS XI Resource Material.pdfMASS MEDIA STUDIES-835-CLASS XI Resource Material.pdf
MASS MEDIA STUDIES-835-CLASS XI Resource Material.pdf
 
Francesca Gottschalk - How can education support child empowerment.pptx
Francesca Gottschalk - How can education support child empowerment.pptxFrancesca Gottschalk - How can education support child empowerment.pptx
Francesca Gottschalk - How can education support child empowerment.pptx
 
STRAND 3 HYGIENIC PRACTICES.pptx GRADE 7 CBC
STRAND 3 HYGIENIC PRACTICES.pptx GRADE 7 CBCSTRAND 3 HYGIENIC PRACTICES.pptx GRADE 7 CBC
STRAND 3 HYGIENIC PRACTICES.pptx GRADE 7 CBC
 
Natural birth techniques - Mrs.Akanksha Trivedi Rama University
Natural birth techniques - Mrs.Akanksha Trivedi Rama UniversityNatural birth techniques - Mrs.Akanksha Trivedi Rama University
Natural birth techniques - Mrs.Akanksha Trivedi Rama University
 
Multithreading_in_C++ - std::thread, race condition
Multithreading_in_C++ - std::thread, race conditionMultithreading_in_C++ - std::thread, race condition
Multithreading_in_C++ - std::thread, race condition
 

Sarwono sutikno wisuda stsn - 10 nov 2015 v2

  • 1. Information, Security, Risk, Controls, Control Objectives and Change
    STSN Graduation, Ciseeng, Bogor, 10 November 2015
    Sarwono Sutikno, Dr.Eng.,CISA,CISSP,CISM
    School of Electrical Engineering and Informatics, Institut Teknologi Bandung
  • 2. Sarwono Sutikno, Dr.Eng.,CISA,CISSP,CISM
    Current:
    • Cybersecurity Nexus Liaison, ISACA Indonesia Chapter
    • ISACA Academic Advocate at ITB
    • SME for Information Security Standard for ISO at ISACA HQ
    • Associate Professor at School of Electrical Engineering and Informatics, Institut Teknologi Bandung
    • Chair of the WG on IT Services and Governance, member of the WG on Information Security, and member of Technical Committee 35-01, National Program for Setting Standards in Information Technology, BSN–Kominfo.
    • Lead Assessor, SNI ISO/IEC 27001:2013 Certification Bodies, KAN
    Past:
    • Chair of the National ICT Evaluation Working Group, National ICT Council (Dewan TIK Nasional) (2007-2008)
    • Acting Director of System Operations, PPATK (Indonesia Financial Transaction Reports and Analysis Center, INTRAC), April 2009 – May 2011
    Professional Certification:
    • Professional Engineering (PE), the Principles and Practice of Electrical Engineering, College of Engineering, the University of Texas at Austin. 2000
    • IRCA Information Security Management System Lead Auditor Course, 2004
    • ISACA Certified Information System Auditor (CISA). CISA Number: 0540859, 2005
    • Brainbench Computer Forensic, 2006
    • (ISC)2 Certified Information Systems Security Professional (CISSP), No: 118113, 2007
    • ISACA Certified Information Security Manager (CISM). CISM Number: 0707414, 2007
    Award:
    • (ISC)2 Asia Pacific Information Security Leadership Achievements (ISLA) 2011 award in category Senior Information Security Professional. http://isc2.org/ISLA
  • 3. Bloom / Revised Bloom
    Revised Bloom: • Remember • Apply • Understand • Analyze • Evaluate • Create
    Bloom: • Evaluation • Analysis • Synthesis • Application • Comprehension • Knowledge
  • 4. Topics • Information and Security • Risk, Controls, Control Objectives • Change • Independence
  • 5. Topics • Information and Security • Risk, Controls, Control Objectives • Change • Independence
  • 6. Governance Objective: Value Creation
  • 7. Information security according to ISACA
    ISACA defines information security as something that: Ensures that information is readily available (availability), when required, and protected against disclosure to unauthorised users (confidentiality) and improper modification (integrity).
    Information security is a business enabler that is strictly bound to stakeholder trust, either by addressing business risk or by creating value for an enterprise, such as competitive advantage. At a time when the significance of information and related technologies is increasing in every aspect of business and public life, the need to mitigate information risk, which includes protecting information and related IT assets from ever-changing threats, is constantly intensifying.
  • 8. Information security
    ......... a government of the state of Indonesia that protects all the people of Indonesia and the entire homeland of Indonesia, and to advance the general welfare, to educate the life of the nation, and to take part in implementing a world order based on independence, lasting peace and social justice ........
    Use of INFORMATION as the lifeblood of the nation's life, from the perspective of Economic Growth for the People's Welfare
  • 9. National Security
    ......... a government of the state of Indonesia that protects all the people of Indonesia and the entire homeland of Indonesia, and to advance the general welfare, to educate the life of the nation, and to take part in implementing a world order based on independence, lasting peace and social justice ........
    Use of INFORMATION as the lifeblood of the nation's life, from the perspective of Economic Growth for the People's Welfare
  • 10. Topics • Information and Security • Risk, Controls, Control Objectives • Change • Independence
  • 12. PP 60/2008 Government Internal Control System (Sistem Pengendalian Intern Pemerintah)
    • Article 3 (1) d. information and communication (Information and Communication Internal Control)
    • Article 3 (1) c. control activities (Internal Control Activities)
    • Article 3 (1) b. risk assessment (Internal Control Risk Assessment)
    • Article 3 (1) a. control environment (Internal Control Environment)
    • Agency duties and functions (TuPokSi Instansi)
    • Business processes, SOPs, etc.
    • Article 3 (1) e. internal control monitoring (Internal Control Monitoring)
    • Laws and regulations
  • 14. Three lines of defence
  • 15. 15
  • 16. Principles of SNI ISO/IEC 31000
    a. Risk management creates and protects value
    b. Risk management is an integral part of all organizational processes
    c. Risk management is part of decision making
    d. Risk management explicitly addresses uncertainty
    e. Risk management is systematic, structured and timely
    f. Risk management is based on the best available information
    g. Risk management is tailored
    h. Risk management takes human and cultural factors into account
    i. Risk management is transparent and inclusive
    j. Risk management is dynamic, iterative and responsive to change
    k. Risk management facilitates continual improvement of the organization
  • 17. MSS series: ISO 9000, 27000, 14000, 20000 (?)
    4 Context of the organization: 4.1 Understanding the organization and its context; 4.2 Understanding the needs and expectations of interested parties; 4.3 Determining the scope of the information security management system; 4.4 Information security
    5 Leadership: 5.1 Leadership and commitment; 5.2 Policy
    6 Planning: 6.1 Actions to address risks and opportunities; 6.2 Information security objectives and plans to achieve them
    7 Support: 7.1 Resources; 7.2 Competence; 7.3 Awareness; 7.4 Communicat
    8 Operation: 8.1 Operational planning and control; 8.2 Information security risk assessment; 8.3 Information security risk treatment
    9 Performance evaluation: 9.1 Monitoring, measurement, analysis and evaluation; 9.2 Internal audit; 9.3 Management review
    10 Improvement: 10.1 Nonconformity and corrective action; 10.2 Continual improvement
  • 18. SNI ISO/IEC 27000 series: ISMS (SMKI)
  • 19. Relationships between Frameworks
    Layers: Governance, IT Governance, IT Management
    • COBIT 5
    • General Guidelines for National ICT Governance + ICT Internal Control Evaluation Questionnaire
    • Internal Control Framework COSO
    • SNI ISO 38500
    • PP60/2008 Government Internal Control System
    • SNI ISO 27001
    • SNI ISO 20000
  • 20. Relationships between Security Frameworks
    Layers: Governance, Management, Devices
    • COBIT 5
    • General Guidelines for National ICT Governance + ICT Internal Control Evaluation Questionnaire
    • Internal Control Framework COSO
    • SNI ISO 38500
    • PP60/2008 Government Internal Control System
    • SNI ISO 20000
    • RSNI ISO 27013
    • SNI ISO 27014 Governance of Information Security
    • SNI ISO 15408 Common Criteria
    • SNI ISO 27001 Information Security Management System
  • 21. Evaluation Assurance Levels (EAL) 1. Functionally tested 2. Structurally tested 3. Methodically tested and checked 4. Methodically designed, tested, and reviewed 5. Semi-formally designed and tested 6. Semi-formally verified design and tested 7. Formally verified design and tested
  • 22. Topics • Information and Security • Risk, Controls, Control Objectives • Change • Independence
  • 23. Changes in SNI ISO/IEC 27001:2013
    • Context of the organization: the organization's environment
    • Issues, risks and opportunities: a change from preventive only
    • Interested parties: a change from "stakeholder"
    • Leadership: requirements for top management
    • Communication: in line with PP60/2008 SPIP Article 3 paragraph 1 letter d
    • Information security objectives: every level and function must have information security objectives
    • Risk assessment: identifying assets, threats and vulnerabilities is no longer a requirement for identifying information security risks
    • Risk owner: replaces asset owner
    • Risk treatment plan: the effectiveness of the risk treatment plan matters more than the effectiveness of controls
    • Controls: controls are determined in the risk treatment process, no longer selected from Annex A of SNI ISO/IEC 27001
    • Documented information: replaces documents and records
    • Performance evaluation: includes measurement of the ISMS (SMKI) and of the effectiveness of the risk treatment plan
    • Continual improvement: methods other than PDCA may be used
  • 24. Imam Santosa © LPPM ITB 2011. Thank You. INSTITUT TEKNOLOGI BANDUNG