Future of Information and Communication Conference (FICC) 2023
2-3 March 2023
Publication Links
IJACSA
Special Issues
Future of Information and Communication Conference (FICC)
Computing Conference
Intelligent Systems Conference (IntelliSys)
Future Technologies Conference (FTC)
Copyright Statement: This is an open access article licensed under a Creative Commons Attribution 4.0 International License, which permits unrestricted use, distribution, and reproduction in any medium, even commercially as long as the original work is properly cited.
Digital Object Identifier (DOI) : 10.14569/IJACSA.2023.0140468
Article Published in International Journal of Advanced Computer Science and Applications(IJACSA), Volume 14 Issue 4, 2023.
Abstract: The development of Information and Communication Technology (ICT) in the Industrial Revolution 4.0 era shows very fast and disruptive developments that encourage increased use of Information Technology (IT) services within organizations. However, there is a risk of creating vulnerabilities and threats to owned information systems. Plans and strategies are required to implement information security risk management to address vulnerabilities in threat events. This research is a case study of the Enterprise Resource Planning System in the Insurance Sector. The proposed methodologies for integrating information security risk management using ISO/IEC 27005:2018 as a risk management framework and NIST SP 800-30 Rev. 1 as guidance for risk assessments. The risk evaluation stage is the process of comparing the results of the risk analysis with the risk criteria to then determine whether the risk rating is acceptable or tolerable. For risk treatment and control using the ISO/IEC 27002:2022 framework.
Arief Prabawa Putra and Benfano Soewito, “Integrated Methodology for Information Security Risk Management using ISO 27005:2018 and NIST SP 800-30 for Insurance Sector” International Journal of Advanced Computer Science and Applications(IJACSA), 14(4), 2023. http://dx.doi.org/10.14569/IJACSA.2023.0140468
@article{Putra2023,
title = {Integrated Methodology for Information Security Risk Management using ISO 27005:2018 and NIST SP 800-30 for Insurance Sector},
journal = {International Journal of Advanced Computer Science and Applications},
doi = {10.14569/IJACSA.2023.0140468},
url = {http://dx.doi.org/10.14569/IJACSA.2023.0140468},
year = {2023},
publisher = {The Science and Information Organization},
volume = {14},
number = {4},
author = {Arief Prabawa Putra and Benfano Soewito}
}