AUDIT KEAMANAN SISTEM INFORMASI MANAJEMEN RUMAH SAKIT BERDASARKAN ISO 27002:2005 PADA RUMAH SAKIT ISLAM JEMURSARI
Abstract: Jemursari Islamic
Hospital Surabaya is a company which focuses on medical service. This hospital
uses Hospital Management Information System (SIM-RS) to undergo its business
processes. There are obstacles during the implementation of HMIS including:
frequent of information leak, the defect of information tools, and the low
awareness of information security among the employees. It causes the emerge of
some risk such as information misuses, privileges misuse by the unconcerned employees,
failure in data processing, even cybercrime or data theft that causes data
lost.
To overcome those problems, Jemursari Islamic Hospital Surabaya performs
information system security audit using ISO 27002:2005 as the best practice in
information security. The steps are taken from ISACA steps. The scopes which
are checked based on the problems are Human Resource Security, Physical and Environmental
Security, Information System Access Control and Acquisition, Development and
Maintenance.
The management information system security audit produces maturity level
3,47 which is in defined category. It shows that most of information system
security processes already have rules and routinely implemented. This research
also produce a recommendation to improve the processes of HMIS in Jemursari
Islamic Hospital Surabaya.
Penulis: Alfian N Rahman
Kode Jurnal: jptinformatikadd160676