Analysis of Information Security Management System Implementation at BSN

Kiki Puspo Arianty

Abstract


SNI ISO/IEC 27001:2013, adopted by the National Standardization Agency of Indonesia (BSN), is a national standard derived from the international ISO/IEC 27001 published by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). This study evaluates the effectiveness of BSN's Information Security Management System (ISMS) implementation, focusing on compliance with international standards, risk management strategies, and organizational commitment to safeguarding information. Employing qualitative descriptive methods, data were collected through interviews, document analysis, and observations. The findings highlight the critical roles of leadership commitment, comprehensive risk assessments, and regular system evaluations in achieving ISMS objectives. Despite significant achievements, including obtaining Integrated Management System certification in 2023, challenges persist in optimizing resources and adapting to emerging security threats. Recommendations include enhancing staff capabilities, investing in advanced technologies, and transitioning to the updated SNI ISO/IEC 27001:2022 standard. This study reinforces the importance of ISMS in protecting sensitive information, fostering trust, and aligning with global best practices.


Keywords


Information Security Management System, SNI ISO/IEC 27001:2013, National Standardization Agency of Indonesia, BSN, Risk Management, Information Security

DOI: https://doi.org/10.30591/jpit.v10i1.8211


Creative Commons License
This work is licensed under a Creative Commons Attribution 4.0 International License.
