The management wishes to continue encouraging the implementation of digitalization in all operational lines at PT Gunung Madu Plantations (GMP), especially with the already implemented ERP Ms. Dynamics AX which lead to future Digital Plantations.
In its implementation, the IT Division has a vital role, from preparing and maintaining supporting infrastructure (network, servers, databases, etc.) to application development (ERP, web portal, and other supporting applications).
Adi Jauhari, the Head of the IT Division, said that GMP provides centralized storage and all of the data and information process as well as physical access to the Data Center and Data Recovery Center. In accordance with management’s objectives to ensure that in the day-to-day operations, the IT Division implements procedures and rules according to international information security standards.
There are three main factors in information security measurement, namely factor C-I-A: Confidentiality, Integrity, Availability.
Through ISO 27001:2013, the IT GMP team sets standard information security procedures in implementing IT roles on a daily basis according to the goals and future development of PT GMP. This ISO 27001:2013 certification was obtained by the IT Division in October 2021, where for the initial stage, the scope was still limited to managing the Data Center and Data Recovery Center.
In 2022, an ISO 27001: 2013 audit, commonly called surveillance audit, will be carried out for the second year. The auditor will check and verify whether the implementation of the Information Security System in the previous year was still being carried out onwards. Moreover, in 2022 the IT Division also added an audit scope, which was the Core ERP System Development process.
The process of implementing this information security standard has actually been carried out in stages since 2016, when management first launched a digitization program. The process begins with the preparation of network infrastructure and data centers by applicable industry standards, as well as in the early stages of ERP development in accordance with standard rules of safe development.
Menu
