Main Article Content
Information technology that is growing rapidly becomes a very high threat to information systems. PT. YoY Management Internasional which will manage the location-based smart tourism application so that it is necessary to protect company information, in order to avoid interference and threats that can harm the company. In this study, an analysis of information technology (IT) governance was carried out using the COBIT 2019 framework, by aligning the company's strategies and goals into existing processes in COBIT 2019 which were then mapped into ISO 27001 for information security management. The purpose of this research is to manage information security using the COBIT 2019 framework and the ISO 27001:2013 standard. The research method used in this research is descriptive qualitative. The results obtained in this study are in the form of several recommendations for policies in managing information security in smart tourism applications in accordance with the COBIT 2019 and ISO 27001:2013 standards.
This work is licensed under a Creative Commons Attribution 4.0 International License.
The author who submits the manuscript must understand and agree that if accepted for publication, the copyright of the article belongs to JICON and Nusa Cendana University as the journal publisher. Copyright (copyright) includes the exclusive right to reproduce and provide articles in all forms and media, including reprints, photographs, microfilm and any other similar reproductions, as well as translations. The author has the right for the following:
1. reproduce all or part of published material for the author's own use as classroom teaching materials or oral presentation materials in various forums;
2. reuse part or all of the material as compilation material for the author's written work;
2. make copies of published material for distribution within the institution where the author works.
JICON and Nusa Cendana University and Editors make every effort to ensure that no data, opinion or statement is wrong or misleading to be published in this journal. The content of articles published on JICON is the sole and exclusive responsibility of their respective authors.
 Steve G Watkins,. 2008. An Introduction to Information Security and ISO 27001 : IT Publising.United Kingdom
 Lenawati, M., Winarno, W. W., & Amborowati, A. (2017). Tata Kelola Keamanan Informasi pada PDAM Menggunakan ISO/IEC 27001:2013 dan COBIT 5. Sentra Penelitian Engineering Dan Edukasi, 9(1), 44–49. http://speed.web.id/jurnal/index.php/speed/article/view/220
 Iec, I. S. O., & Iec, I. S. O. (2019). INTERNATIONAL STANDARD ISO / IEC Security techniques — Extension to. 2019.
 Masduki. 2020. Introduction and Methodology. In Palgrave Series in Asia and Pacific Studies. https://doi.org/10.1007/978-981-15-7650-8_1
 Riyana, C. 2010. Teknologi Informasi dan Komunikasi. Pusat Perbukuan Kementrian Pendidikan Nasional, 1(April), 1–302.
 INFORMATION SYSTEM AUDIT AND CONTROL ASSOCIATION – ISACA. (2018). Governance and Management Objectives. In COBIT® 2019 Framework. https://www.isaca.org/resources/cobit
 Chopra, A., & Chaudhary, M. (2020). Implementing an Information Security Management System. In Implementing an Information Security Management System. https://doi.org/10.1007/978-1-4842-5413-4
 International Organization for Standardization. 2013. INTERNATIONAL STANDARD ISO / IEC Information technology — Security techniques — Information security management systems — Requirements. Information Technology — Security Techniques — Information Security Management Systems — Requirements, 2014(ISO/IEC 27001:2013), 38.
 Fathoni, Simbolon, N., & Yunika Hardiyanti, D. (2019). Security audit on loan debit network corporation system using cobit 5 and iso 27001: 2013. Journal of Physics: Conference Series, 1196(1). https://doi.org/10.1088/1742-6596/1196/1/012033