Implementing information and communication technology governance has become a necessity for every company and is a critical factor in improving service quality. The adoption of an Information Security Management System (ISMS) based on the ISO 27001:2013 standard is therefore essential, together with regular audits to ensure its effectiveness. This research aims to develop and design an information security governance framework in accordance with ISO/IEC 27001 and to audit the system that has been implemented at PT. XYZ, to ensure its compliance with good and efficient standards. The methodology used is Plan-Do-Check-Act (PDCA), with data collected through interviews and the distribution of questionnaires for internal audits. The research findings indicate that the average ISO/IEC 27001 maturity level is at levels three and four. It is expected that this research can assist and provide recommendations on security controls used as guidelines and procedures for the implementation of information security, as well as ensure that the overall operation runs in accordance with ISO 27001 standards.
Copyrights © 2024