<![CDATA[Information system-based trading platforms play an important role in supporting real-time, high-value, and high-risk commodity futures trades. With their complex designs, huge transaction volumes, and reliance on digital technology, information system security is crucial to operational reliability and stakeholder confidence. Weak security measures can result in financial losses, service disruptions, and reputational damage. This study employs an information system audit approach to assess the efficacy of information system security controls on a commodity futures trading platform. A descriptive qualitative approach with a case study at Company X was used. Data were gathered by analyzing security audit reports, internal policies, and operational processes, conducting interviews with system management and supervisory people, and observing platform activities. Data analysis involved comparing real system circumstances to information system audit best practices and digital transaction security standards. The findings indicate that security procedures have been widely implemented but are only partially compliant. Key holes were detected in risk planning that is not frequently updated, insufficient documentation of operational controls, flaws in human resource competency management, and a lack of comprehensive continuous monitoring and improvement processes. These findings emphasize that effective information system security necessitates not just the establishment of controls, but also consistent implementation, thorough documentation, and alignment of technology controls with business operations.]]>
