Dwarapala by PSG

Information Security Compliance Services

Cybersecurity Audit Services

Compliance To Regulation

Ensuring that your cybersecurity meets the standards of the regulatory bodies you operate within is an essential part of our service. We make sure that you are able to do business without the fear of repercussions due to negligence in terms of regulation and legislation. We ensure that every standard and requirement is met and that your cybersecurity matches the accepted standards of practice within your field. Here is a summary of some of the compliance regulations we are able to assist you with, to ensure you are fully operational and that you honor the protection protocols required for both your own organization and the safety of your customers.

Regulation Compliance

The compliance approach in this audit methodology refers to Bank Indonesia Regulation No. 23/6/PBI/2021 on Payment Service Providers.

SEOJK No. 21/SEOJK.03/2017 on the Implementation of Risk Management in the Use of Information Technology by Commercial Banks. SEOJK No. 29/SEOJK.03/2022 on Cyber Resilience and Security for Commercial Banks. POJK No. 6/POJK.07/2022 on Consumer and Community Protection in the Financial Services Sector. POJK No.4/POJK.5/2021 concerning the Application of Risk Management in the Use of Information Technology by Non-Bank Financial Services Institutions SEOJK No 22/SEOJK.5/2021 Implementation Of Risk Management In The Use Of information Technology By Nonbank Financial Services Institutions.

Circular Letter of the Deposit Insurance Corporation No. SE-1/KE/2023: SE-1/KE/2023 concerning Guidelines for Examining the Quality of Data and the Reliability of the Single Customer View Data Processing System for Bank Internal Audit and Independent Parties appointed by Banks.


CIS (Center for Internet Security) and NIST (National Institute of Standards and Technology) provide service guidance to help organizations enhance the security of their systems and networks. This guidance includes practical steps, recommendations, and security controls that can be implemented. Under our close guidance, you’ll be able to navigate different requirements and policies of this specific framework, and those that map into it.

ISO 27001

ISO/IEC 27001 is an international standard published by the International Organisation for Standardisation of Information Security Management Systems (ISMS). This standard defines the requirements that an ISMS must fulfill. Dwarapala help you comply with this standard by maintaining and implementing the following sub-controls at each compliance check

Index KAMI

Index KAMI is an assessment used to evaluate the level of readiness (Completeness and Maturity) of information security implementation based on SNI ISO/IEC 27001 criteria, which include:

  • Information Security Governance
  • Information Security Risk Management
  • Asset Management
  • Information Security Framework
  • Information Security Technology
  • Measurement of aspects of Third Party Service Provider Engagement Security, Cloud Infrastructure Service Security and Personal Data Protection

Cybersecurity Blueprint Building Program

Your company has its own information security goals and objectives, which it plans to reach by using specific strategies and plans. To make sure that you can comply with these goals and chosen strategies, we’ll help you develop and implement a cybersecurity program that suits your specific needs.

Ask about Dwarapala’s, services,
pricing, implementation, or anything else.

Our team of experts can help secure your
digital assets.