Abstrak—Keamanan informasi pada era digital sangat penting, sehingga menjadi masalah penting bagi perusahaan, organisasi, serta lembaga pemerintahan. Dinas Komunikasi serta Informatika Kabupaten Karawang didirikan berdasarkan Peraturan Daerah No.14 pada Tahun 2016 mengenai Pembentukan serta Susunan Perangkat Daerah Kabupaten Karawang. Pemanfaatan teknologi informasi sudah diterapkan dalam sistem keamanan informasi pemerintah Kabupaten Karawang. namun dalam mewujudkan hal itu, belum sepenuhnya berhasil dalam pengambilan nilai serta manfaatnya. Riset ini mempunyai tujuan untuk melakukan evaluasi keamanan sistem informasi yang telah diimplementasikan pada institusi untuk menilai level kapabilitas menggunakan domain DSS05 pada COBIT 5. Metode yang dipakai yaitu Assesment Process Activities COBIT 5 antara lain Initiation Programme, Define Problems and Opportunities, Data Collection, Data Validation serta Process Atribut Level. Hasil riset ini didapatkan nilai kapabilitas 3,4 (as is) serta 4.1 (to be) maka proses yang telah diimplementasikan secara garis besar tercapai. Pada domain DSS05 mendapatkan capaian sebesar 92% berarti pada proses atribut 3.1 process definition tercapai penuh, sehingga penilaian dapat dilanjutkan ke level berikutnya yaitu (PA) 3.2 Process Deployment.

Abstract—Information security in the digital era is very important, so it becomes a critical problem for enterprise, organizations and governments. The Communication and Informatics Office of Karawang Regency was formed based on Peraturan Daerah No. 14 of 2016 concerning the Formation and Composition of the Karawang Regency Regional Apparatus. Information technology is already implememted in the information security system of the Karawang Regency government. However, in realizing this, the value and benefits have not been fully succeeded. This study aims to evaluate the security of information systems that have been implemented in institutions to assess Capability Level using the DSS05 domain at COBIT 5. The method used is the Assessment Process Activities of COBIT 5, including Initiation Program, Define Problems and Opportunities, Data Collection, Data Validation and Process Attribute Level. The results of this study obtained the capability value of 3,4 (as is) and 4.1 (to be) of the two values, so the process that has been implemented in outline is achieved. In the DSS05 domain, the achievement was 92%, meaning that the 3.1 process definition attribute process was fully achieved, so that the assessment could be continued to the next level, namely (PA) 3.2 Process Deployment.

R. Umar, I. Riadi, and E. Handoyo, “Analisis Keamanan Sistem Informasi Berdasarkan Framework COBIT 5 Menggunakan Capability Maturity Model Integration (CMMI),” J Sistem Informasi Bisnis., vol. 01, 2019.

R. Moeller,” Executive's Guide to IT Governance: Improving Systems Processes with Service Management, COBIT, and ITIL,” Canada: John Wiley & Sons Inc, 2013.

J. Selig,” Implementing Effective IT Governance and IT Management,” Amersfoort: Van Haren Publishing, 2015.

Yi Wang, Si Shi, Saggi Nevo, Shaorui Li, and Yang Chen,” The interaction effect of IT assets and IT management on firmperformance: A systems perspective,” International Journal of Information Management, pp. 580-593, 2015.

M. Hassanzadeh, N. Jahangiri, and B. Brewster, “A Conceptual Framework for Information Security Awareness, Assessment, and Training,” in Emerging Trends in ICT Security, 2014, pp. 99 – 109.

Symantec, “Internet Security Threat Report,” vol. 19, p. 98, 2014.

ISACA,” A Business Framework for the Governance and Management of Enterprise IT,” USA: IT Governance Institute, 2012.

D. Firmansyah, “Pengukuran kapabilitas pengelolaan sistem informasi sub domain deliver, service, support 01 menggunakan framework Cobit 5 Studi Kasus : Politeknik Komputer Niaga LPKIA Bandung,” in Konferensi Nasional Sistem & Informatika, pp. 689–695, 2015.

http://diskominfo.karawangkab.go.id/artikel/selayang-pandang