This study aims to develop and evaluate an integrated framework combining COBIT 2019 and ISO/IEC 27001 to enhance IT governance and information security management. Using a qualitative-descriptive approach, the research involved document analysis, expert interviews, and a case-based validation within a government institution. The integration process consisted of three phases: mapping, harmonization, and synthesis, which resulted in the development of the Integrated IT Governance and Security Framework (IGSF). The findings reveal a high degree of alignment between COBIT 2019’s governance domains and ISO/IEC 27001’s security control structures, forming a unified model that strengthens strategic alignment, risk management, and compliance. Expert validation confirmed that the IGSF facilitates better communication between governance and security teams, reduces redundancy, and enhances operational efficiency. The practical case study demonstrated improved coordination, documentation, and audit readiness following implementation. This study contributes to IT governance and information security literature by presenting a structured, adaptable framework that organizations can adopt to achieve both governance excellence and security resilience. The results also suggest potential for future quantitative evaluation to measure the impact of this integration on organizational performance and compliance outcomes.
Copyright © 2025