Assessing an Information Security Governance Using IPPF in Multi-Finance Company

To ensure the performance of a company, at less once a year, the company use external or internal auditor to assess all assets of the company, include governance. One of company governance is information security governance. Multi-finance Company has to report to the regulator about internal audit a...

Full description

Saved in:
Bibliographic Details
Published in2019 International Conference on Information Management and Technology (ICIMTech) Vol. 1; pp. 596 - 601
Main Authors Suroso, Jarot S., Hwa, Tjoa Han, Syafaat, Reza, Saddam, Pasaribu, Faizal A., Mujiatun, Siti
Format Conference Proceeding
LanguageEnglish
Published IEEE 01.08.2019
Subjects
Companies
Information security
information security governance
IT audit
multi-finance company
Regulators
Standards organizations
Online AccessGet full text

Cover

More Information
Summary:To ensure the performance of a company, at less once a year, the company use external or internal auditor to assess all assets of the company, include governance. One of company governance is information security governance. Multi-finance Company has to report to the regulator about internal audit activities. Otoritas Jasa Keuangan (OJK) is a financing companies' regulator, subject to Indonesia Law. International Professional Practices Framework (IPPF) is one of the standards for Internal Audit. This research what to list the questions Internal Auditor will ask the IT team to assess them about Information Security Governance. PT.ABC, a multi-finance company, will be used as a case study.
DOI:10.1109/ICIMTech.2019.8843733