Perancangan Enterprise Architecture Dengan TOGAF-ADM Framework Dan ISO 27001:2013 Pada Institut Teknologi Telkom Surabaya

Ningtyas, Mastuty Ayu (2023) Perancangan Enterprise Architecture Dengan TOGAF-ADM Framework Dan ISO 27001:2013 Pada Institut Teknologi Telkom Surabaya. Masters thesis, Institut Teknologi Sepuluh Nopember.

[thumbnail of 60322202118-Master_Thesis.pdf] Text
60322202118-Master_Thesis.pdf - Accepted Version
Restricted to Repository staff only until 1 April 2025.

Download (6MB) | Request a copy

Abstract

ITTelkom Surabaya merupakan lembaga pendidikan tinggi yang berbasis Teknologi Informasi dan Komunikasi. Penerapan sistem informasi/teknologi informasi (SI/TI) sangat diperlukan dalam suatu proses bisnis di organisasi sebagai solusi untuk meningkatkan kualitas dan daya saing bisnis dikarenakan ketika suatu organisasi semakin besar dan tingkatan operasional semakin tidak sederhana maka pihak manajemen dalam kebutuhan fungsional khususnya proses bisnis, data, teknologi, dan aplikasi akan semakin besar. Melalui pengembangan SI/TI telah membantu efisiensi dan efektifitas layanan akademis namun tidak sepenuhnya mendukung strategi bisnis dalam mewujudkan visi institusi. Terdapat proses bisnis, job description, key performance indicator, risiko, standar tidak inline dengan strategi institusi, serta belum adanya pemetaan kepemilikan data dan aplikasi dengan proses bisnis. Setelah melakukan analisa bahwa hasil dari perancangan enterprise architecture nanti tidak terdapat login, sehingga pelu mengkaji risk keamanan informasinya. Perencanaan strategi SI/TI yang selaras dengan strategi bisnis institusi dilakukan dengan pendekatan enterprise architecture. Kerangka kerja perencanaan SI/TI yang digunakan adalah TOGAF-ADM meliputi business architecture, information architecture, data architecture, dan application architecture. Selain TOGAF-ADM penelitian ini akan mengintegrasikan dengan menggunakan ISO 27001:2013 untuk manajemen keamanan pada sistem informasi dengan melakukan risk assessment. Perancangan arsitektur enterprise telah menghasilkan blueprint berupa arsitektur bisnis, arsitektur sistem informasi, dan arsitektur teknologi yang selaras dengan strategi bisnis organisasi. Hasil analisis penilaian risiko pada keamanan informasi menunjukkan terdapat 3 prioritas risiko dalam perancangan arsitektur enterprise. Berdasarkan evaluasi, nilai kematangan awal adalah 0,08 nilai tersebut sangat rendah. Dengan menggunakan framework TOGAF-ADM dan menyesuaikan dengan masing-masing indikator EA-CMM maka dapat dicapai nilai maturity level 1 dimana proses enterprise architecture tersebut telah memulai membangun dan mengintegrasikan proses enterprise architecture dalam operasi bisnis dan memiliki potensi untuk meningkatkan dan mengoptimalkan proses.
================================================================================================================================
ITTelkom Surabaya is an Information and Communication Technology-based higher education institution. The application of information systems/information technology (IS/IT) is very much needed in a business process in an organization as a solution to improve the quality and competitiveness of a business because when an organization gets bigger and the operational level is increasingly complex, the management needs functional requirements, especially business processes, data, technology, and applications will be even greater. The development of IS/IT has helped the efficiency and effectiveness of academic services but does not fully support the business strategy in realizing the institution's vision. There are business processes, job descriptions, key performance indicators, risks, and standards that are not in line with the institution's strategy, and there is no mapping of data ownership and applications with business processes. After analyzing that the results of the enterprise architecture design will not contain logins, so it is necessary to examine the risk to information security. IS/IT strategy planning that is aligned with the institutional business strategy is carried out using an enterprise architecture approach. The IS/IT planning framework used is TOGAF-ADM including business architecture, information architecture, data architecture, and application architecture. In addition to TOGAF-ADM, this research will integrate using ISO 27001:2013 for security management in information systems by conducting a risk assessment. Enterprise architecture planning has produced a blueprint in the form of business architecture, information system architecture, and technology architecture that is aligned with the organization's business strategy. The results of the risk assessment analysis on information security show that there are 3 priority risks in planning enterprise architecture. Based on the evaluation, the initial maturity value is 0.08, this value is very low. By using the TOGAF-ADM framework and adjusting to each of the EA-CMM indicators, a maturity level 1 value can be achieved where the enterprise architecture process has started to build and integrate enterprise architecture processes in business operations and has the potential to improve and optimize the process.

Item Type: Thesis (Masters)
Uncontrolled Keywords: Perencanaan strategi sistem informasi/teknologi informasi, enterprise architecture, TOGAF-ADM, ISO 27001:2013, Information system/information technology strategic planning, enterprise architecture
Subjects: T Technology > T Technology (General) > T58.6 Management information systems
Divisions: Interdisciplinary School of Management and Technology (SIMT) > 61101-Master of Technology Management (MMT)
Depositing User: Mastuty Ayu Ningtyas
Date Deposited: 17 Feb 2023 04:00
Last Modified: 17 Feb 2023 04:00
URI: http://repository.its.ac.id/id/eprint/97458

Actions (login required)

View Item View Item