An Information Security Maturity Evaluation of the BKO District Court Based on the KAMI Index Version 5.0

Abstract

Information security is a vital component in institutional IT operations, especially for Electronic System Operators (ESO). Effective governance is essential to ensure data protection, integrity, and availability. The readiness evaluation of the BKO District Court, conducted using the KAMI Index version 5.0 based on ISO/IEC 27001:2022, assessed seven areas: information security governance, risk management, information security framework, asset and technology management, personal data protection, and supplementary controls involving third parties. The assessment applied five implementation levels and maturity levels I–V. The Court scored 14 in the electronic system category (low dependency) and achieved an overall score of 913 with a “Good” rating. The highest maturity levels were recorded in risk management and the information security framework (Level V), while other areas ranged from Levels III to IV. Overall, the results show that the BKO District Court has a well-developed and consistently implemented information security governance structure, though enhancements in asset management and personal data protection are still required to achieve optimal maturity under SNI ISO/IEC 27001:2022.