COBIT 5 AS AN ALTERNATIVE METHOD FOR INFORMATION SYSTEM SECURITY AUDITS (A Proposal for Implementation in the Yogyakarta City Government)

Dewi Ciptaningrum, Eko Nugroho, Dani Adhipta

Abstract


Vulnerabilities in the Information Exchange Environment (IEE) have grown into a broader and more complex threat, so information security has become a fundamental issue for businesses, organizations, and governments. Information security audits have become a necessity for government organizations. This paper aims to show the advantages of COBIT 5 as the most suitable (fit) method for use in the information system security audit plan within the Yogyakarta City Government.
