One of the main problems for an agency or a company is the security of information systems. High security is needed to maintain the confidentiality and misuse of information within the organization. To improve the security of business operations and the quality of information technology resources, it is necessary to evaluate to op Badan Pendapatan Daerah Jawa Barat Kota Bandung III, namely SIMKA BAPENDA whose function is to collect data on PKB (pajak kendaraan bermotor) and BBNKB (bea balik nama kendaraan bermotor) which manage the data computerized. The purpose of this study is to carry out a security audit of SIMKA BAPENDA at the Badan Pendapatan Daerah Jawa Barat Kota Bandung III using the COBIT 5 framework and ISO/IEC 27002 to document audit findings of the information system audit of the Badan Pendapatan Daerah Jawa Barat Kota Bandung III to make a report on the audit results. Based on the results of research that has been done through interviews and questionnaires using framework and using the APO13 and DSS05 sub domains, the results show that the Capability Existing is at level 1 while Capability Level is level 3 so the Capability Gap is 2.

Yudhiyati, R., Putritama, A., & Rahmawati, D. (2021). What small businesses in developing country think of cybersecurity risks in the digital age: Indonesian case. Journal of Information, Communication and Ethics in Society, 19(4), 446-462.

Marune, A. E. M. S., & Hartanto, B. (2021). Strengthening Personal Data Protection, Cyber Security, and Improving Public Awareness in Indonesia: Progressive Legal Perspective. International Journal of Business, Economics, and Social Development, 2(4), 143-152.

Syarief, E. (2022). Security Concerns in Digital Transformation of Electronic Land Registration: Legal Protection in Cybersecurity Laws in Indonesia. International Journal of Cyber Criminology, 16(2), 32-46.

Marwan, A., Jiow, H. J., & Monteiro, K. (2022). Cybersecurity Regulation and Governance During the Pandemic Time in Indonesia and Singapore. International Journal of Global Community, 5(1), 13-32.

Marwan, A., & Bonfigli, F. (2022). Detection of Digital Law Issues and Implication for Good Governance Policy in Indonesia. Bestuur, 10(1), 22-32.

Sensuse, D. I., Putro, P. A. W., Rachmawati, R., & Sunindyo, W. D. (2022). Initial Cybersecurity Framework in the New Capital City of Indonesia: Factors, Objectives, and Technology. Information, 13(12), 580.

Prasetyo, Y., Gunawan, S. A., & Maksum, Z. U. (2016). Determination of the water catchment area in Semarang City using a combination of object based image analysis (OBIA) classification, InSAR and Geographic Information System (GIS) methods based on a high-resolution SPOT 6 image and radar imagery. In IOP Conference Series: Earth and Environmental Science, 47(1), p. 012027). IOP Publishing.

Hakim, R., Umam, K., & Anwar, H. S. (2021). Implementation of E-government through the Samsat mobile Jawa barat at the regional revenue agency of West Java province. Publica: Jurnal Pemikiran Administrasi Negara, 13(2), 134-148.

Romli, K., Oktaviannur, M., Rinova, D., & Dharmawan, Y. Y. (2019). Analysis of Tourism Mapping in Lampung Province to Optimize Entrepreneurship Development. Review of Integrative Business and Economics Research, 8, 110.

Arens, Elder, dan Beasley. 2012. Auditing and Assurance Services, An Integrated Approach. Inggris : Pearson Education Limited.

Mulyadi. (2016). Sistem Informasi Akuntansi. Jakarta: Salemba Empat

Whitman, M. E., & Mattord, H. J. (2010). Management of information security, Third Edition. Boston: Course Technology

ISACA. 2014. COBIT 5: A Business Framework for Governance & Management. USA: IT Governance Institute.

ISACA, W., & Join, R. G. (2021). Cybersecurity Workforce Diversity—Including Cultures, Personalities and Neurodiversity.

Carlstedt, A. dan Halili, R. (2016) Whitepaper ISO/IEC 27002:2013 wartonah. PECB. Tersedia pada: www.pecb.com