EVALUATING POST-DIVORCE WOMEN'S AND CHILDREN'S RIGHTS FUNDING APPLICATION USING OWASP TOP TEN AND ISO 25010:2023
Abstract
Evaluating an information system from both performance and security aspects is crucial for anticipating problems and improving the quality of the system. A High Religious Court, in collaboration with the Provincial Government, developed a web-based application to support one of its services: monitoring court decisions regarding alimony payments from former husbands to former wives and children in divorce cases involving civil servants. This is important because, before this application existed, many complaints were filed due to the non-payment of alimony. To ensure that the application runs in accordance with its purpose and that the data is secure, a comprehensive system evaluation is required. The main objective of this evaluation is to identify vulnerabilities and their mitigations, as well as to ensure that the functions in the application work as expected, so that the application's goals are achieved. To achieve this, the study uses the ISO 25010:2023 information system standard integrated with the OWASP Top Ten to evaluate security. This study uses five ISO 25010:2023 characteristics selected according to the system's goals. The results show that the combination of ISO 25010:2023 and the OWASP Top Ten effectively and comprehensively identifies vulnerabilities in the application's functions and security. Overall, the functions in the application run as expected, although several things still need to be improved to enhance its quality and secure its data.
DOI: https://doi.org/10.33387/jiko.v8i1.9490