<![CDATA[Purpose:The purpose of this research is to compile a cyber risk management disclosure index of State-Owned Enterprises (SOEs). This index is used to provide an overview of the disclosures that are expected by the stakeholders which are disclosed in the annual report of SOEs. Disclosure of cyber risk management is important for a business entity to show that the entity has readiness in facing digital technology which is one of the keys to the company's success.Method:The research method used is mixed method. The type of data is primary data sourced from Forum Group Discussion (FGD) inviting SOE Directors, audit committees, investors, risk management practitioners, and academics on how important the cyber risk management disclosure items formulated earlier are. Thirty corporate and SOE practitioners have been interviewed and internal auditor practitioners in SOEs have been sources of validity. The steps in compiling the index are first collecting cyber risk management disclosure items from the previous research and looking at ISO 31000 provisions regarding risk management.Findings: The result of this study is the composition of the cyber risk management disclosure index as many as 18 (eighteen) items with weighting on each disclosure item.Novelty:The novelty of this study is the formulation of a cyber risk management measurement index which is very important in relation to risk management in a company. This research is important to be carried out as a formulation of indicators for cyber risk management management carried out by the company. Researchers anticipate that this cyber risk management disclosure index will help the government create disclosure items for cyber risk management and serve as a norm for disclosing SOE cyber risk management in its annual report. ]]>
