<![CDATA[This study interprets the application of the NIST Cybersecurity Framework (CSF) by Indonesian internal auditors. Employing Paul Ricoeur’s hermeneutic phenomenology and Interpretative Phenomenological Analysis (IPA), this research delves into the meaning of CSF from the perspective of internal auditors, including its adaptation to local organizational culture and the factors shaping its effectiveness. Key findings reveal that CSF transcends its role as a technical guide, acting instead as a driver for cybersecurity culture transformation. This study’s implications emphasize the necessity of cross-departmental collaboration, context-specific security policy departments, and the enhancement of internal auditor competencies. The novelty of this research lies in its application of in-depth interpretative analysis, showing CSF as an adaptive tool fostering cybersecurity systems attuned to Indonesia’s unique characteristics.]]>
Copyrights © 2025
