This study aims to conduct a security audit of the Academic Information System using the COBIT 5 framework in the APO13 (Manage Security) domain. The methods used include observation, interviews, questionnaires, and literature studies. The data obtained are then analyzed to determine the maturity level and identify gaps between current conditions and expected conditions. The results of this study indicate the capability level of the APO13 process, namely Level 0 (Incomplete Process) with status L (Largely Achieved), which means that most of the information system security management has been achieved. Level 1 (Performed Process) with a level achievement of 50% with status P (Partially Achieved), which means that information system security has been partially achieved. Furthermore, Levels 2, 3, and 5 obtained average results above 65% with status L. Keywords: COBIT 5, APO13, Information Systems Audit, Information Systems Security.
Copyrights © 2026