<![CDATA[Information system security is a crucial aspect in the operation of a company, especially in managing employee data. To support the company's operational processes, PT Dekatama Centra uses a face verification-based attendance application to record employee attendance. However, like any other system, this application has potential security risks that need to be evaluated to ensure optimal data protection. This research aims to analyze the security level of the HRMS attendance application using the COBIT 5 framework, specifically in the APO13 (Manage Security) and DSS05 (Manage Security Service) domains. The research process was conducted through interviews, observations, and questionnaires, which were designed to measure the maturity level of the application security system based on the COBIT 5 assessment model. The audit results show that the maturity level of system security is still at the “Performed” level (Level 1), which means that the security process has been implemented but not well documented. Some aspects that still require improvement include user access management that must be strengthened with double authentication and access rights restrictions based on roles, protection against malware by improving network security systems and endpoint protection, and regular security monitoring by implementing a logging and monitoring system based on Securtiy Information and Event Management (SIEM). To overcome these problems, this research recommends implementing an Information Security Management System (ISMS) in accordance with the ISO/IEC 27001 standard, improving data encryption mechanisms, and increasing cybersecurity awareness for employees through continuous training programs. By implementing these recommendations, PT Dekatama Centra is expected to increase system resilience to cyber threats, maintain the confidentiality of employee data, and ensure the continuity of safer and more efficient company operations.]]>
Copyrights © 2025
