Developing Compliant Audit Information System for Information Security Index: A Study on Enhancing Institutional and Organizational Audits using Web-based Technology and ISO 25010:2011 Total Quality of Use Evaluation

Abstract

This study aimed to develop the KAMI 4.1 Index system application based on web application technology to provide a platform for controlled audit implementation and improve data management. The primary goals were to independently assess organizations' ability to obtain ISO 27001:2013 and enhance the audit process's effectiveness and efficiency. The research utilized web application technologies as materials. It employed a systematic approach, focusing on developing a web-based application using the waterfall model's stages of communication, planning, modeling, construction, and deployment. The resulting KAMI 4.1 Index system application introduced a new and efficient platform for controlled audit implementation, featuring an improved user experience and enhanced ease of use by incorporating existing audit calculations from the KAMI 4.1 index. Evaluation based on the ISO 25010:2011 quality of use model yielded a high total quality of use rate of 81.45%, indicating a "very good" categorization. However, areas requiring further research and improvement were identified, including data security, content coverage, freedom from risk, and error tracking. The study also suggested exploring integration possibilities of the audit system with other ISO audit needs, such as a quality assurance system complying with ISO 9001. Further research is necessary to gather information about user criteria and needs in different organizational contexts, ensuring the audit application system meets their requirements. Overall, this research contributes to developing the KAMI 4.1 Index system application and highlights directions for further enhancement and exploration in controlled audit implementation and data management.