EVALUASI KEAMANAN SISTEM INFORMASI PUSAT SISTEM DAN SUMBER DAYA INFORMASI UNIVERSITAS GADJAH MADA MENGGUNAKAN INDEKS KEAMANAN INFORMASI (INDEKS KAMI)

The main purpose of the information systems security is to maintain 3 (three) attributes: confidentiality, integrity and availability. Ensuring these three influence greatly on the sustainability of the organization's information technology services. To develop an information security management systems, there has been an international standard called ISO 27001. Gadjah Mada University (UGM) has a Systems and Information Resource Centre (PSDI), which acts as a centre for information technology services at UGM. PSDI has not implemented the ISO 27001 standard yet. Prior to standardization is applied, it is necessary to evaluate the security of information systems in the PSDI to get a picture of the readiness and maturity of information security. Prior to standardization is applied, it is necessary to evaluate the security of information systems in the PSDI to get a picture of the readiness and maturity of information security. Information Security Index is an evaluation tool that was released by the Ministry of Communication and Information that serves to analyse the readiness level of information security in government agencies. Information Security Index parameters represent the level of readiness in accordance with the completeness of the application security control standards ISO/IEC 27001:2005 as well as application security maturity level refers to the framework of the Control Objectives for Information and Related Technology (COBIT). After determining the importance rate and the role of Information and Communication Technology (ICT) in the PSDI, areas that are evaluated include information security governance, information security risk management, information security framework, information asset management and information technology and security. It was found that the level of the role and importance of ICT in the PSDI is Moderate. The final score of the Information Security Index is 305 out of 588 maximum. With this score, PSDI is considered 'Need Improvement' in order to implement the ISO 27001 standard. Following is improvement suggestions for the deficiencies found in the information security management system. Keywords: Information systems security, Information Security Index, ISO 27001, Systems and Information Resource Centre.