Analysis of Academic Scheduling Management Using ISO/IEC 27001:2022 People Controls

Yolan Dita Dewi Pramudita, Wiwin Sulistyo, Irwan Sembiring

Abstract


User behaviour plays a critical role in determining the effectiveness of academic information system management, particularly in processes requiring high data accuracy and timeliness, such as academic scheduling. Despite system support, inconsistencies in data provision and updates indicate that information reliability is influenced by how users perform their responsibilities. This study evaluates People Controls based on ISO/IEC 27001:2022 Annex A.6 and integrates COBIT–CMMI to measure capability levels from a behavioural perspective. A qualitative approach was employed through observation and structured interviews with key stakeholders involved in academic scheduling. User activities were mapped to Annex A.6 controls to identify implementation gaps, followed by capability level assessment using COBIT–CMMI. The results show that control implementation is largely informal and habit-based, with an overall capability level of Level 2 (40%). User behaviour demonstrates basic control execution but lacks consistency and standardization, particularly affecting data accuracy and timeliness, which leads to misalignment between data availability and operational needs. These findings emphasize that improving information security requires strengthening consistent user behaviour, role accountability, and structured practices, alongside technical system support.


Keywords


Academic scheduling management; COBIT–CMMI; ISO/IEC 27001:2022; User behavior

Full Text:

PDF

References


Saniyah, M. Arsyad, and A. S. Arlan, “Pengaruh Efektivitas Sistem Informasi Akademik (SIAKAD) terhadap Kualitas Pelayanan Akademik di Sekolah Tinggi Ilmu Administrasi Amuntai,” Pelayanan Publik, vol. 2, no. 1, pp. 122–131, 2025.

M. Rofi’i, “Analisis Manfaat dan Tantangan Sistem Informasi Akademik dalam Manajemen Perguruan Tinggi: Pendekatan Systematic Literature Review,” J. Islam. Manag. Educ., vol. 1, no. 01, pp. 1–13, 2024, [Online]. Available: https://journal.iaisyaichona.ac.id/index.php/imej/article/view/135

B. Kholifah, I. Thoib, N. Sururi, and D. S. Nugraha, “Efektivitas Sistem Informasi Akademik dalam Meningkatkan Komunikasi dan Informasi Akademik di Institut Teknologi Mojosari,” Komun. Islam, vol. 5, no. 1, pp. 89–100, 2024.

& A. Romdoniyah, Dedih, “Dampak Implementasi Sistem Informasi Manajemen terhadap Kualitas Layanan Administrasi Pendidikan,” EPISTEMIC J. Ilm. Pendidik., vol. 4, no. 2, pp. 131–152, 2025.

J. T. T. Thiodora, R. Iskandar, “Pengaruh Kualitas Pelayanan Sistem Informasi Akademik Pengguna Di Universitas Panca Sakti Bekasi,” Econ. Digit. Bus. Rev., vol. 7, no. 1, 2025.

S. Damayanti, Y. G. Elysia, O. Amanatillah, P. Purba, I. Farida, and A. Prawira, “Pengaruh Penggunaan Sistem Informasi Akademik di Lingkungan Pendidikan Tinggi,” J. MANAJERIAL, vol. 20, no. 1, pp. 43–53, 2021.

R. Budi Setiadi and D. Meliana, “Optimasi Proses Penjadwalan Mata Kuliah di Perguruan Tinggi : A Literature Review,” Proceeding Mercu Buana Conf. Ind. Eng., vol. 6, no. July, p. 303, 2024.

J. Cerah, A. Sujjada, K. Kamdan, and G. P. Insany, “Implementasi Metode Kanban pada Penjadwalan Mata Kuliah Berbasis Web,” J. Ekon. Manaj. Sist. Inf., vol. 6, no. 5, pp. 3435–3445, 2025.

F. Rahman, T. B. Bun, and E. L. Tatuhey, “Sistem Penjadwalan Matakuliah Menggunakan Metode Pewarnaan Graph Pada PRODI TI USN Papua,” J. TEKNO KOMPAK, vol. 20, no. 1, pp. 103–113, 2025.

M. C. Utami, Y. Sugiarti, M. S. Akbar, and M. Q. Huda, “Assessing Technology Acceptance for SIAKAD Usage among Scholarly Community,” J-INTECH (Journal Inf. Technol., no. 10, 2025.

A. Khair, D. Ishmatul, and Y. Amrozi, “A Problem of Information System Integration At a University in Indonesia,” SAINTEKBU J. Sci. Technol., vol. 14, no. August, pp. 9–15, 2022.

K. D. Setyowati, T. Chamidy, and M. Faisal, “Analysis of Academic Information System Using Information System Success Model and System Quality Model Case Study of Institut Teknologi Nasional Malang,” Trans. Informatics Data Sci., vol. 1, no. 1, pp. 33–44, 2024, doi: 10.24090/tids.v1i1.12234.

Wahyu Triono, Kirana Lesmi, and Iim Khotimah, “Optimization and Challenges of Implementing Academic Service Management Information Systems in Muhammadiyah Higher Education: A Multiple-Case Study,” J. Pendidik. Islam, vol. 12, no. 2, pp. 155–162, 2023, doi: 10.14421/jpi.2023.122.155-162.

A. M. F. Wahyudi, D. Saputra, “Strategi Implementasi Kebijakan Keamanan Informasi Di Era Transformasi Digital,” Sist. Inf., vol. 5, no. 2, pp. 344–350, 2025.

A. Mita Baqis, M. Irwan, and P. Nasution, “Pentingnya Perlindungan dan Keamanan Data Privasi di Era Digital,” J. Manaj. dan Pendidik. Agama Islam, vol. 3, no. 3, p. 2025, 2025, [Online]. Available: https://journal.aripafi.or.id/index.php/jmpai

E. S. A. Susilo, S. Mukaromah, “Pengukuran Tingkat Kapabilitas Manajemen Keamanan Informasi Menggunakan Cobit 5,” Pros. Semin. Nas. Teknol. dan Sist. Inf., vol. 1, no. September, pp. 6–7, 2023.

A. A. Mike and A. P. R. Ntwari, “Human Factors Shaping Cybersecurity Behavior in Work from Home Environment in Ugandan Universities,” Int. J. Res. Innov. Appl. Sci., vol. XI, no. 2454, pp. 1487–1500, 2026, doi: 10.51584/IJRIAS.

P. H. M. Shah, F. Iqbal, U. Rahman, “A comparative assessment of human factors in cybersecurity: Implications for cyber governance,” IEEE Access, vol. 1, no. 1, 2023, doi: 10.1109/ACCESS.2023.3296580.

A. R. Tanaamah and F. J. Indira, “Analysis of Information Technology Security Management UKSW SIASAT Using ISO/IEC 27001:2013,” IJITEE (International J. Inf. Technol. Electr. Eng., vol. 5, no. 2, p. 68, 2021, doi: 10.22146/ijitee.65670.

A. F. Rebitasari, D. Yuniarto, and D. Setiadi, “Implementation of Iso 31000:2018 for Risk Management in Sistem Informasi Akademik (Siakad) At Sebelas April University,” J. Ris. Tek. Inform. V, vol. x, no. y, pp. x-y, 2024.

S. n, Y. Andriyani, E. MahdiyahMeitarice, M. Nababan, Y. Andriyani, and E. Mahdiyah, “Security Risk Management Analysis Of Siam At Poltekes Kemenkes Riau Using Fmea And ISO 27001:2013 Controls,” IJIRSE Indones. J. Inform. Res. Softw. Eng., vol. 5, no. 1, pp. 40–50, 2025.

Nakita Sisilia and Rayyan Firdaus, “Analisis Faktor-Faktor yang Mempengaruhi Kinerja System Informasi Akuntansi,” Anggar. J. Publ. Ekon. dan Akunt., vol. 2, no. 4, pp. 337–343, 2024, doi: 10.61132/anggaran.v2i4.1012.

R. Ali, “Operationalising Information Security Management: A Procedural Framework Analysis of ISO/IEC 27001:2022 Implementation in a Financial-Technology Organisation,” arXiv Prepr., pp. 1–9, 2026, [Online]. Available: http://arxiv.org/abs/2604.23230

C. Arumdiya, F. C., Rudianto, “Implementasi ISO 27001:2022 dalam Manajemen Risiko Keamanan Informasi,” J. PETISI (Pendidikan Teknol. Inf., vol. 06, no. 02, pp. 167–186, 2025.

S. S. H. Basuki, A. Hafiz, “Implementasi Sistem Manajemen Keamanan Informasi Iso / Iec 27001 : 2022 pada Unit Teknologi Informasi Perguruan Tinggi,” Remik Ris. dan E-Jurnal Manaj. Inform. Komput., vol. 10, no. 1, pp. 396–406, 2026.

R. Sinaga and F. Taan, “Penerapan ISO/IEC 27001:2022 dalam Tata Kelola Keamanan Sistem Informasi: Evaluasi Proses dan Kendala,” NUANSA Inform., 2024, doi: 10.25134/ilkom.v18i2.205.

“ISO/IEC 27001:2022 - Information security management systems.” https://www.iso.org/standard/27001 (accessed Apr. 26, 2026).

Luis Gorgona, “Building a Maturity Model for COBIT 2019 Based on CMMI,” ISACA J., vol. 6, pp. 1–3, 2021, [Online]. Available: https://www.isaca.org/resources/isaca-journal/issues/2021/volume-6/building-a-maturity-model-for-cobit-2019-based-on-cmmi%0Ahttps://www.isaca.org/resources/cobit

D. Ria, Y. Tb, M. B. Wibawa, M. Dwi, Z. Musliyana, and G. D. Akumba, “Sistem Informasi Penjadwalan Kuliah Berbasis Web Studi Kasus Fakultas Ilmu Kesehatan Universitas Ubudiyah Indonesia,” J. Informatics Comput. Sci., vol. 11, no. 1, pp. 137–142, 2025.




DOI: https://doi.org/10.24167/sisforma.v13i1.14531

Refbacks

  • There are currently no refbacks.




SISFORMA: Journal of Information Systems | p-ISSN: 2355-8253 | e-ISSN: 2442-7888 | View My Stats

Creative Commons License
This work is licensed under a Creative Commons Attribution 4.0 International License.