Evaluation of Information Security Management Using the KAMI Index Framework

The KAMI index is an instrument to analyze the quality of the completeness and maturity of the implementation of information security for an organization based on the criteria of SNI ISO/IEC 27001. The KAMI index is not intended to analyze the feasibility of the existing security model, but as a tool to describe the readiness of the current information security framework. This research will conduct a self-assessment using the KAMI Index with the Data Center object at the Samarinda City Communication and Information Center in 2020. The agency has not yet received an overview of the readiness condition of the Data Center information security framework. This study uses a qualitative descriptive method approach. The results of the recapitulation of the KAMI index self-assessment value for Data Centers is 88 with details: information security governance is 42, information security risk management is 0, the information security framework is 2, information and technology asset management is 22 and information security is 22. The score for the category The electronic system in the Data Center is 26. Based on the final evaluation result of the self-assessment of the KAMI Index for the Data Center at Diskominfo Samarinda City, the readiness status is: “Not Eligible” with the category of ”High” electronic system so there is too big a difference in the value of management information security management and Electronic Systems (SE) category scores.