In the era of Industry 4.0, incumbent organizations like BPRCCo must undergo Digital Transformation (DT) to remain competitive. However, a significant challenge in this process is ensuring information security, a critical factor often leading to the failure of DT initiatives. Previous studies have emphasized the importance of ambidextrous information security management—balancing traditional and agile approaches—for large banks in achieving successful DT, particularly concerning information security. However, this approach has yet to be validated for small-scale banks like BPRs. Therefore, this research aims to develop tailored recommendations for an Information Security Management System (ISMS) suitable for Small and Medium Enterprises (SMEs) and assess the potential enhancements in their capabilities to support DT. The research employs the Design Science Research (DSR) methodology, encompassing problem identification, requirements specification, design and development, demonstration, and evaluation phases. Data were gathered through interviews and data analysis, and subsequently analyzed using the ISMS framework aligned with the ISO 27001:2022 standard. The risk analysis and review of previous studies revealed that 29 controls in the PDCA cycle and Annex are critical priorities for BPRCCo. Based on this, several ISMS-based solutions were designed. These recommendations are presented as an implementation roadmap that can guide BPRCCo in preparing and fully implementing ISMS in crucial areas to support its DT efforts. This research contributes to the understanding of ISMS in small-scale banking, offering valuable insights through a case study approach relevant to SMEs and similar organizations.
Copyrights © 2024