<![CDATA[Information Technology (IT) is currently implemented in various fields of life, including in higher education. Some common IT-based service problems such as server down, slow systems, poor integration, and data security are important concerns for education managers. IT Service Management or Information Technology Service Management (ITSM) is a strategic approach to designing, providing, managing, and improving the way IT is used in an organization. ITIL is one of the most popular ITSM frameworks and includes a framework for evaluation and assessment. This study proposes the use of ITIL V4 to assess the level of maturity of security risk management in the higher education sector, which has not been widely explored. This study aims to measure and analyze the level of capability and assess the maturity of IT services, especially in risk management practices and information security management and analyze the level of gap between actual conditions that occur and expected standards. The results of the study indicate that the assessment of the level of maturity of higher education in managing IT service security risks, especially in both management practices, is at level 3 (Defined). These results indicate that universities have begun to realize the importance of IT security risk management, where practices are well defined, processes and activities are documented and standardized. To achieve continuous improvement according to the ITIL V4 standard, it is necessary to increase the capacity of the technology used, consistency in evaluation, and build an organizational culture that supports continuous risk management.]]>
