Design and implementation information security governance using Analytic Network Process and cobit 5 for Information Security a case study of unit XYZ

Information as one of the important assets in an organization has a strategic value in particular conditions should fulfill confidentiality, integrity, availability, compliance, and reliability. In performing its functions, most organizations have a security threats, therefore it is necessary to implement the governance of information security to protect information that has strategic value. In managing information, information security aspects such as confidentiality, integrity and availability is a very important aspect to be considered to business process sustainability and to achieve the objectives of the organization. To ensure information security in an organization, information security governance could be one of the strategies actions that can be implemented. COBIT 5 provides a comprehensive framework that helps companies in achieving their goals for the governance and management of enterprise IT. COBIT 5 for Information Security is built based on COBIT 5 framework that focuses on information security and provides more detailed guidance and more practical for security information. This paper discusses how to design an information security governance using COBIT 5 for Information Security and Analytic Network Process to select the priority objectives of the organization.