<![CDATA[The Watumas Outpatient Pratama Clinic is an institution that utilizes Information Technology (IT) to assist its operations and health services. IT empowerment in this clinic is carried out by the department responsible for the technology applied, including the management and storage of highly sensitive patient data. Considering the importance of protecting the data and information collected, a good security system is needed to protect the clinic from potential threats that could be detrimental. Evaluation of the quality of information security management is necessary to ensure that the information technology used is safe and trustworthy. This research adopts a qualitative approach through the use of the COBIT 5 framework, especially in the APO13 (Managing Security) and DSS05 (Managing Security Services) stages, to assess the level of information security implemented. Data was collected through observation, interviews, and the use of assessment sheet instruments. The research results show that both stages are at level 2 (Managed Process), while the level expected by the clinic is level 3 (Established Process). This indicates that there is a gap of one level in each process. This research also provides several recommendations for improving information security management by considering the gaps that arise.]]>
Copyrights © 2025
