AUDIT PENERAPAN KEAMANAN SISTEM INFORMASI MENGGUNAKAN ISO 27001: 2013 (Studi Kasus: Rumah Sakit “MITRA SIAGA” Tegal)

Mitra Siaga Hospital has begun to utilize Information and Communication Technology (ICT) to support existing processes so as to produce precise and fast information. In the management of Information and Communication Technology (ICT), information is a very important asset for a company, both information related to management, finance, reports and other information. Leaks, damage, inaccuracies. The purpose is to determine the extent of the completeness and maturity of Information Technology at Mitra Siaga Hospital. However, they do not yet know whether the framework has fulfilled the requirements for the level of completeness and maturity of the application of the ISO 27001 standard. For this reason, it is necessary to carry out an information system security audit to determine the current conditions compared to the conditions they should. In the process, audits are carried out based on ISO 27001 Standards which are applied in the form of the US Index evaluation. The assessment was conducted thoroughly on five areas of information security using the US version of the Index 4 template from the Ministry of Communication and Information Technology The audit results are in the form of recommendations for evaluating the completeness and maturity of the information security framework based on ISO 27001 Standards.