Evaluation of Basic Principles of Information Security at University Using COBIT 5

  • Khairunnisak Nur Isnaini Universitas AMIKOM Purwokerto
  • Didit Suhartono Universitas Amikom Purwokerto
Keywords: COBIT 5, Evaluation, Information Security


Information security issues commonly arise in a company and institution, including those in University. Some of the threats and attacks are unauthorized access, system user accountability, and logical and physical issues. This study reveals the obedience rate of the information security principle in Universitas Amikom Purwokerto and provides a recovery strategy. The domains being used were APO13, DSS5, and MEA3. The researcher employed a descriptive quantitative method by having documentation, interview, and administering a questionnaire to the respondents.  The respondents were 83 employees who got selected by using the purposive sampling technique. The result shows that the capability level is in level 3, known as the established process. It means that the employees have applied the current procedure, even though they have not applied information security management. The proposed refinement strategy emphasizes the security policy, classification and asset management, physics and environment security, and business continuity management. The gap can be fixed by implementing the proposed refinement strategy. Future researchers may evaluate obedience based on the identified variables by keeping the standard in mind.


Download data is not yet available.


[1] P. R. E. Indrajit, Konsep dan Strategi Keamanan Informasi di Dunia Cyber. Yogyakarta: Graha Ilmu, 2014.
[2] IBISA, Keamanan Sistem Informasi. Yogyakarta: ANDI OFFSET, 2011.
[3] P. P. G. Pertama and I. W. Ardiyasa, “Audit Keamanan Sistem Informasi Perpustakaan STMIK STIKOM Bali Menggunakan Kerangka Kerja COBIT,” Jurnal Sistem Dan Informatika, Vol. 13, No. 2, PP. 77–86, 2019.
[4] R. R, I. Riadi, and Y. Prayudi, “A Maturity Level Framework for Measurement of Information Security Performance,” International Journal of Computer Applications, Vol. 141, No. 8, PP. 1–6, 2016
[5] E. Kurniawan and I. Riadi, “Security level analysis of academic information systems based on standard ISO 27002: 2013 using SSE-CMM,” International Journal of Computer Science and Information Security (IJCSIS), Vol. 16, No. 1, PP. 139–147, 2018
[6] R. Umar, I. Riadi, and E. Handoyo, “Analisis Keamanan Sistem Informasi Berdasarkan Framework COBIT 5 Menggunakan Capability Maturity Model Integration (CMMI),” Jurnal Sistem Informasi Bisnis, Vol. 9, No. 1, PP. 47–54, 2019
[7] H. Ghasali and K. Christianto, “System Information Audit with COBIT 4.1 and Balanced Scorecard Framework (Case Study: PT. Boga Dimsum Indonesia),” Jurnal RESTI (Rekayasa Sistem dan Teknologi Informasi), Vol. 2, No. 2, PP. 560–565, 2018
[8] L. Lelah and Toto Suharto, “Tata Kelola Keamanan Teknologi Informasi Menggunakan Cobit 5 (Studi Kasus pada Dinas Komunikasi dan Informasi Kota Sukabumi),” Jurnal Gaung Informatika, Vol. 12, No. 1, PP. 46–55, 2019 [Online]. Available: http://jurnal.usahidsolo.ac.id/index.php/GI/article/view/321
[9] E. Surjandy; Fernando, A. R. Condrobimo, and M. R. Yudho, “Evaluasi Penerapan IT Governance Pada Bank Berdasarkan Cobit 5 ( Study Kasus Pada Bank XYZ ) Evaluation Implementaion of IT Governance At Bank Xyz Based On Cobit 5 ( Case Study at Bank XYZ ),” Jurnal Teknologi dan Ilmu Komputer (JTIIK), Vol. 7, No. 3, PP. 453–460, 2020
[10] I. J. Aritonang, E. D. Udayanti, and N. Iksan, “Audit Keamanan Sistem Informasi Menggunakan Framework Cobit 5 (APO13),” Information Technology Engineering Journals, Vol. 3, No. 2, PP. 3–7, 2018.
[11] F. Effendy and E. Hariyanti, “Manajemen Masalah Teknologi Informasi Berdasarkan Kerangka Kerja ITIL V3 dan COBIT 5,” Jurnal Sistem Informasi Bisnis, Vol. 8, No. 2, PP. 157–165, 2018
[12] A. L. Y. A. Andrianti, “Tata Kelola Keamanan Teknologi Informasi Menggunakan Framework COBIT 5 Fokus Proses DSS05 (Studi Pada RS Bhayangkara Jambi),” Indonesian Journal of Computer Science, Vol. 9, No. 2, PP. 86–95, 2020.
[13] E. Handoyo, “Analisis Tingkat Keamanan Informasi: Studi Komparasi Framework Cobit 5 Subdomain Manage Security Services (DSS05) dan NIST SP 800 – 55,” Jurnal Computer Science and Information Technology (CoSciTech), Vol. 1, No. 2, PP. 57–64, 2020.
[14] Y. D. Imany, W. Hayuhardhika, N. Putra, and A. D. Herlambang, “Evaluasi Tata Kelola Keamanan Informasi menggunakan COBIT 5 pada Domain APO13 dan DSS05 ( Studi pada PT Gagas Energi Indonesia ),” Jurnal Pengembangan Teknologi Informasi dan Ilmu Komputer, Vol. 3, No. 6, PP. 5926–5935, 2019.
[15] T. Tarwoto and A. P. Kuncoro, “Evaluasi Penerapan Sistem Informasi Smart Prodi dengan Pendekatan Delone Mclean dan Framework Cobit 5,” MATRIK : Jurnal Manajemen, Teknik Informatika dan Rekayasa Komputer, Vol. 18, No. 2, PP. 222–236, 2019
[16] K. P. D. Dharmayanti, I. P. A. Swastika, and I. G. L. A. Raditya Putra, “Tata Kelola Sistem Informasi Sanken Menggunakan Framework COBIT 5,” MATRIK : Jurnal Manajemen, Teknik Informatika dan Rekayasa Komputer, Vol. 18, No. 1, PP. 29–38, 2018
[17] E. Nachrowi, Yani Nurhadryani, and Heru Sukoco, “Evaluation of Governance and Management of Information Technology Services Using Cobit 2019 and ITIL 4,” Jurnal RESTI (Rekayasa Sistem dan Teknologi Informasi), Vol. 4, No. 4, PP. 764–774, 2020
[18] Y. W. H. N. P. A. D. H. Rahmah, “Evaluasi Keamanan Informasi pada Dinas Komunikasi dan Informatika Kabupaten Sidoarjo menggunakan Indeks Keamanan Informasi ( KAMI ),” Jurnal Pengembangan Teknologi Informasi dan Ilmu Komputer, Vol. 4, No. 3, PP. 840–847, 2020.
[19] I. Maghfiroh, M. Murahartawaty, and R. Mulyana, “Analisis Dan Perancangan Tata Kelola Ti Menggunakan Cobit 4.1 Domain Deliver and Support (DS) PT XYZ,” Jurnal Sistem Informasi, Vol. 12, No. 1, PP. 50–55, 2016
[20] N. Kadek, R. Widya, I. P. A. Bayupati, and I. K. A. Purnawan, “Audit Capability EAM menggunakan COBIT 5 dan ISO 55002 pada Perusahaan Kelistrikan Negara,” Jurnal Merpati, Vol. 4, No. 3, PP. 195–204, 2016
[21] D. Priyatno, SPSS 22: Pengolahan Data Terpraktis. Yogyakarta: ANDI OFFSET, 2014.
How to Cite
Isnaini, K., & Suhartono, D. (2022). Evaluation of Basic Principles of Information Security at University Using COBIT 5. MATRIK : Jurnal Manajemen, Teknik Informatika Dan Rekayasa Komputer, 21(2), 317-326. https://doi.org/https://doi.org/10.30812/matrik.v21i2.1311