The increasing use of E-government (SPBE) has accelerated digital change in public administration but has also created real risks to information security. This study aims  to evaluate the level of information security risk management maturity at the Central Java Provincial Data Center by merging the Indonesian SPBE Risk Management framework (PermenPANRB No. 5/2020) with SNI ISO/IEC 27001:2022. The evaluation utilized a descriptive qualitative method, backed by observations, interviews, and a survey-based maturity assessment that aligns with the control areas of ISO/IEC 27001. Findings reveal that the overall maturity sits between “Managed and Measurable” (Level 4) and “Optimized” (Level 5), indicating that most procedures are organized, documented, and consistently observed; however, some sub-controls still need enhancement, especially those related to incident response, ongoing improvement, and staff awareness. This research emphasizes the necessity for a more flexible security governance approach and contributes by integrating national regulatory guidelines with global information security frameworks to enhance the maturity assessment of government data centers.

Presiden Republik Indonesia, “Peraturan Presiden Nomor 95 Tahun 2018 tentang Sistem Pemerintahan Berbasis Elektronik,” Menteri Huk. Dan Hak Asasi Mns. Republik Indones., p. 110, 2018.

D. Harisdayanti, R. Fauzi, and R. Mulyana, “Perancangan Manajemen Risiko Operasional Pada Spbe/E-Gov Berdasarkan Permen Panrb Nomor 5 Tahun 2020: Studi Kasus Pemerintah Kabupaten Bandung Operational Risk Management Design on E-Gov/Spbe Based on Permen Panrb Nomor 5 Tahun 2020: Case Study Government,” vol. 7, no. 2, pp. 7348–7353, 2020.

MenPANRB RI, “PermenPAN RB Nomor 5 Tahun 2020,” MenPAN RB, JDIH, vol. 5, no. 261, pp. 1689–1699, 2020.

Badan Siber dan Sandi Negara, “Laporan Monitoring Keamanan Siber Bulan Agustus 2024,” 2024, [Online]. Available: https://idsirtii.or.id/halaman/tentang/laporan-hasil-monitoring.html

A. Aminudin and A. Supriyanto, “Kematangan risiko keamanan informasi layanan TI menggunakan pendekatan NIST dan standar ISO 27001:2013 (Studi kasus: Bapenda Provinsi Jawa Tengah),” Aiti, vol. 21, no. 2, pp. 210–229, 2024, doi: 10.24246/aiti.v21i2.210-229.

S. N. Indonesia, “privasi — Sistem manajemen keamanan informasi — Persyaratan Information security , cybersecurity and privacy protection — Information security management systems — Requirements,” vol. 2022, 2023.

Z. S. Nadine, I. Aknuranda, and H. Farizi, “Evaluasi Pengelolaan Keamanan Informasi Berbasis,” vol. 9, no. 10, pp. 1–12, 2025.

A. R. Nugroho and N. Legowo, “Risk Assessment at it Company by Focusing on Information Security Area Using Iso 27001:2022,” vol. 07, no. 12, 2022.

A. Supriyanto, A. Jananto, J. A. Razaq, B. Hartono, and F. Damaryanti, “Alignment of KAMI Index with Global Security Standards in Information Security Risk Maturity Evaluation,” Cybern. Inf. Technol., vol. 25, no. 2, pp. 173–192, 2025, doi: 10.2478/cait-2025-0018.

T. Ramadhane, “Public Value Based E-Government Maturity Model: a Literature Review,” JIKO (Jurnal Inform. dan Komputer), vol. 6, no. 1, pp. 62–71, 2023, doi: 10.33387/jiko.v6i1.5898.

A. La Adu, “Evaluation of Spbe Service Maturity Level in Central Maluku District Government Using Spbe 2020 Framework,” JIKO (Jurnal Inform. dan Komputer), vol. 6, no. 1, pp. 13–20, 2023, doi: 10.33387/jiko.v6i1.5422.

C. Development, “CMMI ® for Development, Version 1.3,” no. November, 2010.

V. H. Pranatawijaya, W. Widiatry, R. Priskila, and P. B. A. A. Putra, “Penerapan Skala Likert dan Skala Dikotomi Pada Kuesioner Online,” J. Sains dan Inform., vol. 5, no. 2, pp. 128–137, 2019, doi: 10.34128/jsi.v5i2.185.

A. Suárez-García, M. Álvarez-Hernández, E. Arce, and J. R. Ribas, “Exploring the Efficacy of Binary Surveys versus Likert Scales in Assessing Student Perspectives Using Bayesian Analysis,” Appl. Sci., vol. 14, no. 10, 2024, doi: 10.3390/app14104189.

Nurbojatmiko et al., “Risk Assessment Maturity Level of Academic Information System Using Iso 27001 System Security Engineering-Capability Maturity Model,” J. Appl. Eng. Technol. Sci., vol. 5, no. 2, pp. 941–954, 2024, doi: 10.37385/jaets.v5i2.2971.