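% Thesis record for a study of staged implementation of an information system
% risk management framework in a library, based on ISO 27001:2013
% (repository copy: see the url field).
%
% NOTE(review): the work is framed on the 2013 edition of ISO 27001. That
% edition has since been superseded by ISO/IEC 27001:2022, so anyone reusing
% the seven stages listed in the abstract should check control selection
% against the current edition.
% NOTE(review): the entry type is kept as exported. The student ID in the
% record suggests this may not be a doctoral thesis; confirm against the
% repository record and add a type field if needed.
% The student ID (NIM) is kept in the note field so that the author field
% parses as a personal name.
@phdthesis{digilib54072,
  author   = {Setyono, Eko Agus},
  title    = {Implementasi Kerangka Kerja Manajemen Risiko Sistem Informasi di Perpustakaan Berbasis {ISO} 27001:2013},
  school   = {{UIN} Sunan Kalijaga Yogyakarta},
  year     = {2022},
  month    = may,
  note     = {NIM.: 15140049. Pembimbing: Dr. Syifaun Nafisah, S.T., M.T.},
  keywords = {Sistem Informasi, Manajemen Risiko, Manajemen Keamanan Informasi, ISO 27001:2013},
  url      = {https://digilib.uin-suka.ac.id/id/eprint/54072/},
  abstract = {This research aims to determine the stages of implementing an information system risk management framework in library using the ISO 27001:2013 standard. The research method used in this research is qualitative with a library research approach. The data collection technique in this research uses a literature study which discusses the use of ISO 27001:2013 as an information system risk management framework in library, documentation, and unstructured observations. The data analysis technique uses the Miles and Huberman model which consists of three stages, namely, data reduction, data presentation, and drawing conclusions. Test the validity of the data in this research using the credibility test, dependability test, and confirmability test. The results of this research indicate that the stages of implementing the information system risk management framework in library based on ISO 27001:2013 can be carried out in seven stages, namely (a) forming an implementation team, (b) developing an implementation plan, (c) building and determining the scope of the Information Security Management System, (d) perform a risk assessment process, (e) determine information security controls, (f) monitor and review the Information Security Management System, and (g) perform ISO 27001:2013 certification},
}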