<![CDATA[In the digital age of the Industrial Revolution 4.0, organizations like BPRACo must undergo Digital Transformation (DT). A significant challenge is the lack of adequate information security controls, which can lead to DT failure. Smaller banks, such as BPR, face difficulties in adopting effective information security management strategies that are proven for larger institutions. This study aims to identify the application of ISO 27001:2022 standards and develop an information security management system focusing on the most critical annex clauses for SME digital transformation. It also seeks to evaluate and analyze the impact of an information security management system aligned with these key clauses on SME DT success. The research employs a five-stage Design Science Research (DSR). Data were collected through interviews and document analysis, then analyzed using the ISO 27001:2022 framework for Information Security Management Systems (ISMS). The study identified six priority Clause and Annex controls for BPRACo. Based on the gaps, six essential solutions were designed, compiled into an implementation roadmap to enhance BPRACo readiness for full ISMS implementation and certification, supporting DT success in small banks. This research provides valuable insights and practical implications for information security management in small banks.]]>
Copyrights © 2024
