Security Audit of Human Resource Management System Presence Application Using Cobit 5 Framework
DOI:
https://doi.org/10.31848/jesii.v3i1.4041
Abstract
Information system security is a crucial aspect in the operation of a company, especially in managing employee data. To support the company's operational processes, PT Dekatama Centra uses a face verification-based attendance application to record employee attendance. However, like any other system, this application has potential security risks that need to be evaluated to ensure optimal data protection. This research aims to analyze the security level of the HRMS attendance application using the COBIT 5 framework, specifically in the APO13 (Manage Security) and DSS05 (Manage Security Service) domains. The research process was conducted through interviews, observations, and questionnaires, which were designed to measure the maturity level of the application security system based on the COBIT 5 assessment model. The audit results show that the maturity level of system security is still at the “Performed” level (Level 1), which means that the security process has been implemented but not well documented. Some aspects that still require improvement include user access management that must be strengthened with double authentication and access rights restrictions based on roles, protection against malware by improving network security systems and endpoint protection, and regular security monitoring by implementing a logging and monitoring system based on Security Information and Event Management (SIEM). To overcome these problems, this research recommends implementing an Information Security Management System (ISMS) in accordance with the ISO/IEC 27001 standard, improving data encryption mechanisms, and increasing cybersecurity awareness for employees through continuous training programs. By implementing these recommendations, PT Dekatama Centra is expected to increase system resilience to cyber threats, maintain the confidentiality of employee data, and ensure the continuity of safer and more efficient company operations.
License
Copyright (c) 2025 Acep Saepuloh, TITAN PARAMA YOGA, Züleyha Yılmaz Acar

This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.
Authors who publish in JESII: Journal Elektronik Sistem InformasI agree to the following terms:
Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under an Attribution-ShareAlike 4.0 International (CC BY-SA 4.0) License that allows others to share the work with an acknowledgment of the work's authorship and initial publication in this journal.
Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgment of its initial publication in this journal.
Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (See The Effect of Open Access).




