PENERAPAN FRAMEWORK COBIT 5 UNTUK MENGANALISIS TATA KELOLA TEKNOLOGI INFORMASI DALAM KONTEKS KEAMANAN INFORMASI (STUDI KASUS: SISTEM INFORMASI KOMPENSASI)

Abstract

This study aims to assess the information security governance of the Compensation information systems within the Department of Information Technology at Malang State Polytechnic, utilizing the COBIT 5 framework. Specifically, the evaluation focuses on the APO13 (Manage Security) and DSS05 (Manage Security Services) domains. By conducting interviews and observations, the research scrutinizes the proficiency level within both domains. The assessment findings reveal that the capability level of APO13 stands at level 1 (performed process), while DSS05 is at level 2 (managed process). Gap analysis exposes variances between the attained and anticipated levels. Recommendations for enhancement encompass the formulation of written documentation, devising risk management plans, conducting internal security audits, overseeing information system protection, and evaluating access rights utilization. The study’s conclusion furnishes a comprehensive portrayal of the state of information security governance concerning Compensation systems, laying the groundwork for future enhancement initiatives and scholarly inquiry.