It has become a current requirement in every company regarding the implementation of governance in the ICT field in an effort to improve service quality. For this reason, it is necessary to implement and at the same time carry out an ISMS periodic audit process in companies using the ISO 27001: 2013 standard. Based on the audit and research results found in Annex 7 has the lowest level compared to the other Annexes, because the work instruction documentation related to labeling has not been registered in the main document so it needs to be adjusted to the main document. existing procedures with titles, so they are not synchronized. Overall the use of ISO 27001: 2013 has been going well with a maturity level value of 97.45% level 5. With almost all annexes and clauses meeting the standards of ISO 27001: 2013, so from the results this research It is hoped that the company can make improvements again in carrying out the document archive process so that it makes it easier for the auditor to carry out internal external audits and can carry out all activities in accordance with those in the ISO 27001: 2013 standard.
Copyrights © 2023