SOM BASED ASSURANCE ASSESSMENT FOR INFORMATION SECURITY MANAGEMENT SYSTEM IN ORGANIZATION

  • Tubagus Mohammad Akhriza STMIK PPKIA Pradnya Paramita Malang

Abstract

Information Security Management Systems (ISMS) have many standards, such as ISO/IEC 27001. In order to assess the quality assurance of an ISMS, an organization should design and implement a mechanism. I propose a mechanism for quality assurance assessment using Kohonen’s Self-Organizing Map (SOM). SOM is a means of automatically arranging high-dimensional statistical data so that similar inputs are, in general, mapped close to each other. The resulting map lends itself readily to visualization, and thus the distance relations between different data items can be illustrated in an intuitive manner. This proposal shows that the proposed framework can be carried out and implemented. Through this map, the organization will be able to assess how large the gap is between its information security quality and the standard. This applies not only to the ISO ISMS standard, but also to other standards, such as that of the Indonesian National Board of Accreditation (BAN-PT).

Keywords: SOM, Information Security Management System, Quality Assurance

Published
2010-03-05