- This study aimsto information security in
academic information systems to provide
recommendations for improvements in information
security management by the expected maturity level
based on ISO/IEC 27002:2013.
By using a qualitative descriptive approach, data
collection and validation techniques with triangulation
techniques are interviews, observation, and
documentation. The data were analyzed by using gap
analysis and to measure the maturity level determined
15 objective control and 45 security controls scattered
in 5 clauses, the result of the research found that the
performance of academic information system
maturity level at level 2.
That is, the current level of maturity is below the
expected maturity level, so it needs to be increased to
the expected level
Keywords : Academic Information System, Maturity Level, Information Security, Gap Analysis.