Kepedulian Keamanan Informasi di Pemerintahan: Praktik Manajemen dan Dampaknya
Abstract
Currently the organization is facing challenges due to the Covid19 pandemic which has caused changes in work patterns for all members of the organization. The priority of management is to give more attention to information security, especially for members and government organizations in general. Various information security practices have been carried out, but there are obstacles that occur such as the lack of awareness of information security, work behavior, work culture, and the lack of human resources available and this can have a negative impact on the level of information security concern in the organization. Information security practices carried out by management do not always have an impact on changes in the behavior of organizational members. From the data obtained, there are many information security practices that may have been implemented by management. But do members of the organization care about the practice. Therefore, it is important to conduct research with the aim of knowing the practice of information security concern that has been carried out by management whether it has an impact on organizational members, especially the organization itself. This study used qualitative and quantitative interpretive approaches as a data collection process in three government organizations. Qualitative is used to obtain data from management and processed using the SAP-LAP model through interviews. Then an online survey was conducted with members of the organization to determine the impact of implementing information security care practices on the organization. The results show that organizational members have a high level of concern for the management's information security practices.
References
A. Z. Maingak and L. D. Harsono, “Information Security Assessment Using Iso / Iec 27001 : 2013 Standard,†vol. 17, no. 1, pp. 28–37, 2018.
M. Amin, “Pengukuran Tingkat Kesadaran Keamanan Informasi Menggunakan Multiple Criteria Decision Analysis (Mcda),†vol. 5, no. 1, pp. 15–24, 2014.
A. N. Singh and M. P. Gupta, “Information Security Management Practices: Case Studies from India,†Glob. Bus. Rev., vol. 20, no. 1, pp. 253–271, 2017.
R. Anand, S. Medhavi, V. Soni, C. Malhotra, and D. Kumar Banwet, “Information & Computer Security Transforming Information Security Governance in India ( A SAP-LAP based Case Study of Security , IT Policy and e-Governance ),†Transform. Inf. Secur. Gov. India, 2016.
M. I. Merhi and P. Ahluwalia, “Examining the impact of deterrence factors and norms on resistance to Information Systems Security,†Comput. Human Behav., vol. 92, no. October 2018, pp. 37–46, 2019.
Sushil, “SAP-LAP models of inquiry,†Manag. Decis., vol. 38, no. 5, pp. 347–353, 2000.
R. Lepofsky, “COBIT® 5 for Information Security,†Manag. Guid. to Web Appl. Secur., pp. 133–145, 2014.
S. E. Chang and C. B. Ho, “Organizational factors to the effectiveness of implementing information security management,†Ind. Manag. Data Syst., vol. 106, no. 3, pp. 345–361, 2006.
K. A. Barton, G. Tejay, M. Lane, and S. Terrell, “Information system security commitment: A study of external influences on senior management,†Comput. Secur., vol. 59, pp. 9–25, 2016.
G. P. Z. Montesdioca and A. C. G. Maçada, “Measuring user satisfaction with information security practices,†Comput. Secur., vol. 48, pp. 267–280, 2015.
A. N. Singh, M. P. Gupta, and A. Ojha, “Identifying factors of ‘organizational information security management," J. Enterp. Inf. Manag., vol. 27, no. 5, pp. 644–667, 2014.
M. T. Siponen, “A conceptual foundation for organizational information security awareness . Information Management & Computer Security A conceptual foundation for organizational information security awareness,†vol. 8, no. January, pp. 31–41, 2016.
S. E. Chang and C. S. Lin, Exploring organizational culture for information security management, vol. 107, no. 3. 2007.
H. N. Chua, S. F. Wong, Y. C. Low, and Y. Chang, “Impact of employees’ demographic characteristics on the awareness and compliance of information security policy in organizations,†Telemat. Informatics, vol. 35, no. 6, pp. 1770–1780, 2018.
S. Sharma and M. Warkentin, “Do I really belong?: Impact of employment status on information security policy compliance,†Comput. Secur., vol. 87, p. 101397, 2019.
C. H. Au and W. S. L. Fung, “Integrating knowledge management into information security: From audit to practice,†Int. J. Knowl. Manag., vol. 15, no. 1, pp. 37–52, 2019.
N. S. Safa and R. Von Solms, “An information security knowledge sharing model in organizations,†Comput. Human Behav., vol. 57, pp. 442–451, 2016.
U. Sekaran, Research and Markets: Research Methods for Business - A Skill Building Approach. 2003.
Sugiyono, “Statistika untuk Penelitian,†in Statistika untuk Penelitian, Alfabeta Bandung, 2019, p. 63.
