Evaluation Of Information Technology Security System Using Cobit 5 Framework

Abstract

This study aims to evaluate the information technology security system at the Unit Sumber Daya Informasi (USDI) of Udayana University using the COBIT 5 framework, focusing on the APO (Align, Plan, and Organize) and DSS (Deliver, Service, and Support) domains. The use of information technology at Udayana University is crucial to support both academic and non-academic activities, making information management and security a priority. The COBIT 5 framework is used to assess IT management capabilities and identify gaps between the current and expected conditions. The research methods include questionnaires, interviews, and observations with unit leaders and staff at USDI. The evaluation results show that the APO 13 (Manage Security) and DSS 05 (Manage Security Service) subdomains have reached level 3 (established process), which means these processes have been well implemented. However, there is potential for improvement to level 4 (predictable process). This study provides recommendations to improve information security management, including establishing of an information security division, enhancing human resource competencies, preparing SOPs, and conducting regular internal monitoring and audits. With these improvements, it is expected that USDI Udayana University can optimally manage and protect the IT system, supporting institutional goals more safely and efficiently.