audit operasional ti -...
TRANSCRIPT
![Page 1: Audit Operasional TI - blog.stikom.edublog.stikom.edu/erwin/files/2012/11/A.-Audit-Operasional-TI.pdf · adita.si | auditti.com | Budi Hermawan, S.Kom, CISA, CISM, CGEIT Audit Operasional](https://reader034.vdocuments.net/reader034/viewer/2022051202/5a8a33ac7f8b9adb648bdb64/html5/thumbnails/1.jpg)
adita.si | auditti.com | Budi Hermawan, S.Kom, CISA, CISM, CGEIT
AuditOperasional TI
Budi Hermawan, S.Kom
CISA, CISM, CGEIT
![Page 2: Audit Operasional TI - blog.stikom.edublog.stikom.edu/erwin/files/2012/11/A.-Audit-Operasional-TI.pdf · adita.si | auditti.com | Budi Hermawan, S.Kom, CISA, CISM, CGEIT Audit Operasional](https://reader034.vdocuments.net/reader034/viewer/2022051202/5a8a33ac7f8b9adb648bdb64/html5/thumbnails/2.jpg)
adita.si | auditti.com | Budi Hermawan, S.Kom, CISA, CISM, CGEIT
Operasional Teknologi Informasi
• Divisi Teknologi Informasi bertanggung jawab untuk memastikan operasional TI yang stabil, aman dan efisien secara keseluruhan, baik yang diselenggarakan sendiri maupun yang diselenggarakan oleh Pihak Penyedia Jasa TI
• Divisi TI harus melakukan penilaian risiko secara berkala terhadap aktivitas operasional TI
![Page 3: Audit Operasional TI - blog.stikom.edublog.stikom.edu/erwin/files/2012/11/A.-Audit-Operasional-TI.pdf · adita.si | auditti.com | Budi Hermawan, S.Kom, CISA, CISM, CGEIT Audit Operasional](https://reader034.vdocuments.net/reader034/viewer/2022051202/5a8a33ac7f8b9adb648bdb64/html5/thumbnails/3.jpg)
adita.si | auditti.com | Budi Hermawan, S.Kom, CISA, CISM, CGEIT
Operasional Teknologi Informasi
• Operasional Data Center
– penjadwalan tugas
– pelaksanaan tugas
– pendistribusian laporan / output
– proses backup
– pengaktifan jejak audit / audit trail
![Page 4: Audit Operasional TI - blog.stikom.edublog.stikom.edu/erwin/files/2012/11/A.-Audit-Operasional-TI.pdf · adita.si | auditti.com | Budi Hermawan, S.Kom, CISA, CISM, CGEIT Audit Operasional](https://reader034.vdocuments.net/reader034/viewer/2022051202/5a8a33ac7f8b9adb648bdb64/html5/thumbnails/4.jpg)
adita.si | auditti.com | Budi Hermawan, S.Kom, CISA, CISM, CGEIT
Operasional Teknologi Informasi
• Perencanaan Kapasitas
– pendokumentasian utilisasi resources
• processor
• memory
• storage
– analisa history utilisasi resources
– perencanaan peningkatan kapasitas agar resources yang digunakan tidak
• under utilized ( < 30% - 40% ); maupun
• over utilized ( > 85% )
![Page 5: Audit Operasional TI - blog.stikom.edublog.stikom.edu/erwin/files/2012/11/A.-Audit-Operasional-TI.pdf · adita.si | auditti.com | Budi Hermawan, S.Kom, CISA, CISM, CGEIT Audit Operasional](https://reader034.vdocuments.net/reader034/viewer/2022051202/5a8a33ac7f8b9adb648bdb64/html5/thumbnails/5.jpg)
adita.si | auditti.com | Budi Hermawan, S.Kom, CISA, CISM, CGEIT
Operasional Teknologi Informasi
• Pengelolaan Konfigurasi Hardware & Software
– proses instalasi hardware dan software
– pengaturan parameter (hardening) hardware dan software
– inventarisasi hardware, software, network device, storage, dll
![Page 6: Audit Operasional TI - blog.stikom.edublog.stikom.edu/erwin/files/2012/11/A.-Audit-Operasional-TI.pdf · adita.si | auditti.com | Budi Hermawan, S.Kom, CISA, CISM, CGEIT Audit Operasional](https://reader034.vdocuments.net/reader034/viewer/2022051202/5a8a33ac7f8b9adb648bdb64/html5/thumbnails/6.jpg)
adita.si | auditti.com | Budi Hermawan, S.Kom, CISA, CISM, CGEIT
Operasional Teknologi Informasi– inventarisasi hardware
• hardware milik perusahaan
• hardware milik pihak eksternal
• record– vendor
– model
– tanggal beli dan instalasi
– spesifikasi teknis
– sistem operasi
– fungsi
– lokasi
![Page 7: Audit Operasional TI - blog.stikom.edublog.stikom.edu/erwin/files/2012/11/A.-Audit-Operasional-TI.pdf · adita.si | auditti.com | Budi Hermawan, S.Kom, CISA, CISM, CGEIT Audit Operasional](https://reader034.vdocuments.net/reader034/viewer/2022051202/5a8a33ac7f8b9adb648bdb64/html5/thumbnails/7.jpg)
adita.si | auditti.com | Budi Hermawan, S.Kom, CISA, CISM, CGEIT
Operasional Teknologi Informasi– inventarisasi software
• record– vendor
– tanggal instalasi
– versi dan release
– pemilik / penanggung jawab
– parameter value
– active services
– banyak lisensi yang dibeli
– banyak lisensi yang digunakan dan lokasi penggunaannya
![Page 8: Audit Operasional TI - blog.stikom.edublog.stikom.edu/erwin/files/2012/11/A.-Audit-Operasional-TI.pdf · adita.si | auditti.com | Budi Hermawan, S.Kom, CISA, CISM, CGEIT Audit Operasional](https://reader034.vdocuments.net/reader034/viewer/2022051202/5a8a33ac7f8b9adb648bdb64/html5/thumbnails/8.jpg)
adita.si | auditti.com | Budi Hermawan, S.Kom, CISA, CISM, CGEIT
Operasional Teknologi Informasi– inventarisasi network
• network diagram
• internal & eksternal connection
• daftar & kapasitas network devices
• identifikasi vendor jaringan komunikasi
• sistem pengamanan jaringan
![Page 9: Audit Operasional TI - blog.stikom.edublog.stikom.edu/erwin/files/2012/11/A.-Audit-Operasional-TI.pdf · adita.si | auditti.com | Budi Hermawan, S.Kom, CISA, CISM, CGEIT Audit Operasional](https://reader034.vdocuments.net/reader034/viewer/2022051202/5a8a33ac7f8b9adb648bdb64/html5/thumbnails/9.jpg)
adita.si | auditti.com | Budi Hermawan, S.Kom, CISA, CISM, CGEIT
Operasional Teknologi Informasi– inventarisasi storage
• record– jenis
– kapasitas
– lokasi penyimpanan
– klasifikasi data yang disimpan
– masa retensi
– pengujian data restore
![Page 10: Audit Operasional TI - blog.stikom.edublog.stikom.edu/erwin/files/2012/11/A.-Audit-Operasional-TI.pdf · adita.si | auditti.com | Budi Hermawan, S.Kom, CISA, CISM, CGEIT Audit Operasional](https://reader034.vdocuments.net/reader034/viewer/2022051202/5a8a33ac7f8b9adb648bdb64/html5/thumbnails/10.jpg)
adita.si | auditti.com | Budi Hermawan, S.Kom, CISA, CISM, CGEIT
Operasional Teknologi Informasi– inventarisasi perangkat pendukung Data Center
• UPS
• GENSET
• Smoke Detector
• APAR
• Fire Suppression System
• Water Detector
• CRAC / HVAC
![Page 11: Audit Operasional TI - blog.stikom.edublog.stikom.edu/erwin/files/2012/11/A.-Audit-Operasional-TI.pdf · adita.si | auditti.com | Budi Hermawan, S.Kom, CISA, CISM, CGEIT Audit Operasional](https://reader034.vdocuments.net/reader034/viewer/2022051202/5a8a33ac7f8b9adb648bdb64/html5/thumbnails/11.jpg)
adita.si | auditti.com | Budi Hermawan, S.Kom, CISA, CISM, CGEIT
Operasional Teknologi Informasi
• Pemeliharaan Hardware dan Software
– Perawatan Hardware dan Perangkat Pendukung DC
• jadwal perawatan
• log sejarah permasalahan dan perawatan, baik yang terencana maupun yang tidak terencana
• dilakukan oleh pihak ketiga yang kompeten dan memiliki reputasi yang baik
![Page 12: Audit Operasional TI - blog.stikom.edublog.stikom.edu/erwin/files/2012/11/A.-Audit-Operasional-TI.pdf · adita.si | auditti.com | Budi Hermawan, S.Kom, CISA, CISM, CGEIT Audit Operasional](https://reader034.vdocuments.net/reader034/viewer/2022051202/5a8a33ac7f8b9adb648bdb64/html5/thumbnails/12.jpg)
adita.si | auditti.com | Budi Hermawan, S.Kom, CISA, CISM, CGEIT
Operasional Teknologi Informasi– Pengamanan Fisik dan Lingkungan DC
• Pengendalian akses fisik ke DC
• Pengendalian lingkungan DC– memantau listrik, api, air, suhu dan kelembaban
– memantau kinerja hardware dan software di DC
![Page 13: Audit Operasional TI - blog.stikom.edublog.stikom.edu/erwin/files/2012/11/A.-Audit-Operasional-TI.pdf · adita.si | auditti.com | Budi Hermawan, S.Kom, CISA, CISM, CGEIT Audit Operasional](https://reader034.vdocuments.net/reader034/viewer/2022051202/5a8a33ac7f8b9adb648bdb64/html5/thumbnails/13.jpg)
adita.si | auditti.com | Budi Hermawan, S.Kom, CISA, CISM, CGEIT
Operasional Teknologi Informasi– Pemeliharaan Software
• kebijakan dan prosedur penggunaan software
• standar software untuk setiap role dalam perusahaan
• distribusi dan instalasi software secara terpusat
• diskless workstations and access applications from a secured LAN
• inventarisasi software di workstation secara periodik
![Page 14: Audit Operasional TI - blog.stikom.edublog.stikom.edu/erwin/files/2012/11/A.-Audit-Operasional-TI.pdf · adita.si | auditti.com | Budi Hermawan, S.Kom, CISA, CISM, CGEIT Audit Operasional](https://reader034.vdocuments.net/reader034/viewer/2022051202/5a8a33ac7f8b9adb648bdb64/html5/thumbnails/14.jpg)
adita.si | auditti.com | Budi Hermawan, S.Kom, CISA, CISM, CGEIT
Operasional Teknologi Informasi
• Change Management
– pengendalian perubahan
– patch management
– migrasi data
![Page 15: Audit Operasional TI - blog.stikom.edublog.stikom.edu/erwin/files/2012/11/A.-Audit-Operasional-TI.pdf · adita.si | auditti.com | Budi Hermawan, S.Kom, CISA, CISM, CGEIT Audit Operasional](https://reader034.vdocuments.net/reader034/viewer/2022051202/5a8a33ac7f8b9adb648bdb64/html5/thumbnails/15.jpg)
adita.si | auditti.com | Budi Hermawan, S.Kom, CISA, CISM, CGEIT
Operasional Teknologi Informasi
• Penanganan Kejadian / Permasalahan
– Help Desk
• dokumentasi permasalahan yang lengkap– pelapor, permasalahan, waktu lapor, prioritas
– penerima, waktu respon, prioritas, target penyelesaian
– penyelesai, cara penyelesaian, waktu penyelesaian
– status permasalahan (open, progress, close)
• knowledge-based help desk
![Page 16: Audit Operasional TI - blog.stikom.edublog.stikom.edu/erwin/files/2012/11/A.-Audit-Operasional-TI.pdf · adita.si | auditti.com | Budi Hermawan, S.Kom, CISA, CISM, CGEIT Audit Operasional](https://reader034.vdocuments.net/reader034/viewer/2022051202/5a8a33ac7f8b9adb648bdb64/html5/thumbnails/16.jpg)
adita.si | auditti.com | Budi Hermawan, S.Kom, CISA, CISM, CGEIT
Operasional Teknologi Informasi
• Pengelolaan Database
• Pengendalian Pertukaran Informasi
• Pengelolaan Hubungan dengan Pihak Penyedia Jasa TI
– pemantauan layanan
– pelaporan permasalahan
– dokumentasi hubungan kerjasama dan komunikasi
![Page 17: Audit Operasional TI - blog.stikom.edublog.stikom.edu/erwin/files/2012/11/A.-Audit-Operasional-TI.pdf · adita.si | auditti.com | Budi Hermawan, S.Kom, CISA, CISM, CGEIT Audit Operasional](https://reader034.vdocuments.net/reader034/viewer/2022051202/5a8a33ac7f8b9adb648bdb64/html5/thumbnails/17.jpg)
adita.si | auditti.com | Budi Hermawan, S.Kom, CISA, CISM, CGEIT
Operasional Teknologi Informasi
• Penghapusan Hardware dan Software
– hardware yang di-dispose harus dipastikan tidak lagi menyimpan data yang bersifat restricted dan/atau confidential
![Page 18: Audit Operasional TI - blog.stikom.edublog.stikom.edu/erwin/files/2012/11/A.-Audit-Operasional-TI.pdf · adita.si | auditti.com | Budi Hermawan, S.Kom, CISA, CISM, CGEIT Audit Operasional](https://reader034.vdocuments.net/reader034/viewer/2022051202/5a8a33ac7f8b9adb648bdb64/html5/thumbnails/18.jpg)
adita.si | auditti.com | Budi Hermawan, S.Kom, CISA, CISM, CGEIT
![Page 19: Audit Operasional TI - blog.stikom.edublog.stikom.edu/erwin/files/2012/11/A.-Audit-Operasional-TI.pdf · adita.si | auditti.com | Budi Hermawan, S.Kom, CISA, CISM, CGEIT Audit Operasional](https://reader034.vdocuments.net/reader034/viewer/2022051202/5a8a33ac7f8b9adb648bdb64/html5/thumbnails/19.jpg)
adita.si | auditti.com | Budi Hermawan, S.Kom, CISA, CISM, CGEIT
![Page 20: Audit Operasional TI - blog.stikom.edublog.stikom.edu/erwin/files/2012/11/A.-Audit-Operasional-TI.pdf · adita.si | auditti.com | Budi Hermawan, S.Kom, CISA, CISM, CGEIT Audit Operasional](https://reader034.vdocuments.net/reader034/viewer/2022051202/5a8a33ac7f8b9adb648bdb64/html5/thumbnails/20.jpg)
adita.si | auditti.com | Budi Hermawan, S.Kom, CISA, CISM, CGEIT
![Page 21: Audit Operasional TI - blog.stikom.edublog.stikom.edu/erwin/files/2012/11/A.-Audit-Operasional-TI.pdf · adita.si | auditti.com | Budi Hermawan, S.Kom, CISA, CISM, CGEIT Audit Operasional](https://reader034.vdocuments.net/reader034/viewer/2022051202/5a8a33ac7f8b9adb648bdb64/html5/thumbnails/21.jpg)
adita.si | auditti.com | Budi Hermawan, S.Kom, CISA, CISM, CGEIT
![Page 22: Audit Operasional TI - blog.stikom.edublog.stikom.edu/erwin/files/2012/11/A.-Audit-Operasional-TI.pdf · adita.si | auditti.com | Budi Hermawan, S.Kom, CISA, CISM, CGEIT Audit Operasional](https://reader034.vdocuments.net/reader034/viewer/2022051202/5a8a33ac7f8b9adb648bdb64/html5/thumbnails/22.jpg)
adita.si | auditti.com | Budi Hermawan, S.Kom, CISA, CISM, CGEIT
![Page 23: Audit Operasional TI - blog.stikom.edublog.stikom.edu/erwin/files/2012/11/A.-Audit-Operasional-TI.pdf · adita.si | auditti.com | Budi Hermawan, S.Kom, CISA, CISM, CGEIT Audit Operasional](https://reader034.vdocuments.net/reader034/viewer/2022051202/5a8a33ac7f8b9adb648bdb64/html5/thumbnails/23.jpg)
adita.si | auditti.com | Budi Hermawan, S.Kom, CISA, CISM, CGEIT
![Page 24: Audit Operasional TI - blog.stikom.edublog.stikom.edu/erwin/files/2012/11/A.-Audit-Operasional-TI.pdf · adita.si | auditti.com | Budi Hermawan, S.Kom, CISA, CISM, CGEIT Audit Operasional](https://reader034.vdocuments.net/reader034/viewer/2022051202/5a8a33ac7f8b9adb648bdb64/html5/thumbnails/24.jpg)
adita.si | auditti.com | Budi Hermawan, S.Kom, CISA, CISM, CGEIT
Terima KasihBudi Hermawan, S.KomCISA, CISM, CGEIT
PT. Adikarya Tata InformasiGraha Bumiputera Lt. 8Jalan Raya Darmo No. 155 - 159Surabaya
Email : [email protected]
Web : adita.si: auditti.com