Main Article Content

Muhammad Nawir
Irfan AP
Farid Wajidi


Information technology that is growing rapidly becomes a very high threat to information systems. PT. YoY Management Internasional which will manage the location-based smart tourism application so that it is necessary to protect company information, in order to avoid interference and threats that can harm the company. In this study, an analysis of information technology (IT) governance was carried out using the COBIT 2019 framework, by aligning the company's strategies and goals into existing processes in COBIT 2019 which were then mapped into ISO 27001 for information security management. The purpose of this research is to manage information security using the COBIT 2019 framework and the ISO 27001:2013 standard. The research method used in this research is descriptive qualitative. The results obtained in this study are in the form of several recommendations for policies in managing information security in smart tourism applications in accordance with the COBIT 2019 and ISO 27001:2013 standards.

Article Details

How to Cite
M. Nawir, I. AP, and F. Wajidi, “INTEGRATION OF FRAMEWORK ISO 27001 AND COBIT 2019 IN SMART TOURISM INFORMATION SECURITY PT. YoY INTERNATIONAL MANAGEMENT”, jicon, vol. 10, no. 2, pp. 122-128, Sep. 2022.


[1] Sholikhatin, S. A., Setyanto, A., & Luthfi, E. T. 2019. Analisis Keamanan Sistem Informasi Dengan ISO 27001 (Studi Kasus: Sistem Informasi Akademik Universitas Muhammadiyah Purwokerto). It Cida, 4(1), 1–9.
[2] Steve G Watkins,. 2008. An Introduction to Information Security and ISO 27001 : IT Publising.United Kingdom
[3] Lenawati, M., Winarno, W. W., & Amborowati, A. (2017). Tata Kelola Keamanan Informasi pada PDAM Menggunakan ISO/IEC 27001:2013 dan COBIT 5. Sentra Penelitian Engineering Dan Edukasi, 9(1), 44–49.
[4] Iec, I. S. O., & Iec, I. S. O. (2019). INTERNATIONAL STANDARD ISO / IEC Security techniques — Extension to. 2019.
[5] Masduki. 2020. Introduction and Methodology. In Palgrave Series in Asia and Pacific Studies.
[6] Riyana, C. 2010. Teknologi Informasi dan Komunikasi. Pusat Perbukuan Kementrian Pendidikan Nasional, 1(April), 1–302.
[7] INFORMATION SYSTEM AUDIT AND CONTROL ASSOCIATION – ISACA. (2018). Governance and Management Objectives. In COBIT® 2019 Framework.
[8] Chopra, A., & Chaudhary, M. (2020). Implementing an Information Security Management System. In Implementing an Information Security Management System.
[9] International Organization for Standardization. 2013. INTERNATIONAL STANDARD ISO / IEC Information technology — Security techniques — Information security management systems — Requirements. Information Technology — Security Techniques — Information Security Management Systems — Requirements, 2014(ISO/IEC 27001:2013), 38.
[10] Fathoni, Simbolon, N., & Yunika Hardiyanti, D. (2019). Security audit on loan debit network corporation system using cobit 5 and iso 27001: 2013. Journal of Physics: Conference Series, 1196(1).

Most read articles by the same author(s)

Obs.: This plugin requires at least one statistics/report plugin to be enabled. If your statistics plugins provide more than one metric then please also select a main metric on the admin's site settings page and/or on the journal manager's settings pages.