- Alva Hendi Muhammad
Universitas Amikom Yogyakarta
alva@amikom.ac.id - Asro Nasiri
Universitas Amikom Yogyakarta
asro@amikom.ac.id - Agung Harimurti
Universitas Amikom Yogyakarta
harimurti@amikom.ac.id
Predicting Level of Information Security Risk Assessment Using Machine Learning Models
This study focuses on the challenges of implementing information security programs, particularly in SMEs in Indonesia. Integrating AI into Information Security Risk Assessment (ISRA) for SMEs is becoming increasingly important due to its potential to enhance efficiency in non-financial auditing contexts like cybersecurity. AI’s ability to analyze unstructured, text-based evidence is particularly relevant in these contexts. The study explores various machine algorithms, namely Support Vector Machine (SVM), Gradient Boosting, and Random Forest, in enhancing the efficiency of information security audits, particularly for Small and Medium-sized Enterprises. The audit subject is KAMI’s index, which plays a significant role in organizational innovation and requires internal security audits. The study employs KAMI’s index from BSSN as the focal point for designing an AI-augmented audit, addressing the pressing need for more extensive exploration in this field. The findings show a remarkable accuracy rate of 94.4%, indicating the potential of machine learning in revolutionizing information security assessment. The study’s validation of KAMI’s assessment checklist further solidifies its role as a pivotal contribution. Incorporating machine learning-based technologies is seen as a promising solution, particularly in dealing with unstructured evidence, a common challenge in information security.