Sebagai perusahaan BUMN yang mengelola aset negara, keamanan informasi tentu menjadi hal yang krusial bagi PHE Subholding Upstream. Sistem perlindungan informasi harus dirancang sedemikian rupa agar dapat memitigasi risiko keamanan informasi, menjaga operasional, dan memenuhi tuntutan keamanan yang semakin kompleks. PT. PHE menekankan pada aspek People, Process, dan Technologyyang terintegrasi untuk mencapai tujuan. PHE Subholding Upstream berkomitmen untuk terus melakukan pembaruan dan peningkatan keamanan informasi melalui strategi sebagai berikut yang akan dijelaskan lebih lanjut secara mendetail di bawah ini: 1. Information Security GovernanceTata Kelola Keamanan Informasi merupakan kerangka kerja yang memastikan bahwa keamanan informasi dikelola secara strategis dan terintegrasi dalam seluruh proses bisnis organisasi. Di tengah pesatnya perkembangan teknologi dan meningkatnya ancaman siber, penerapan tata kelola yang baik menjadi kunci dalam melindungi aset informasi, menjaga kepatuhan terhadap regulasi, serta membangun kepercayaan pelanggan dan mitra bisnis. Dengan pendekatan yang sistematis dan berbasis risiko, tata kelola keamanan informasi membantu organisasi dalam mencapai keseimbangan antara perlindungan data dan kelangsungan operasional.a. Information Security FrameworkPerusahaan menggunakan kerangka kerja dan praktik terbaik yang dikenal secara internasional sebagai berikut: i. ISO 27001:2022 Information Security Management ii. Center for Internet Security Critical Security Controls for Effective Cyber Defense (CIS-CSC) iii. National Institute of Standard & Technology Cyber Security Framework (NIST CSF) iv. International Series of Standard for Operational Technology in Automation and control system (ISA/IEC 62443)v. National Institute of Standards and Technology Guide to Operational Technology (OT) Security (NIST SP 800-82 R3)As a state-owned company that manages state assets, information security is certainly crucial for PHE Subholding Upstream. The information protection system must be designed in such a way so as to mitigate information security risks, maintain operations, and meet increasingly complex security demands. PT. PHE emphasizes the integrated aspects of People, Process, and Technology to achieve its goals. PHE Subholding Upstream is committed to continuously updating and improving information security through the following strategies which will be explained in more detail belo1. Information Security GovernanceInformation Security Governance is a framework that ensures that information security is managed strategically and integrated into all of business processes of the organization. Amidst the rapid development of technology and increasing cyber threats, implementing good governance is key to protecting information assets, maintaining regulatory compliance, and building trust with customers and business partners. With a systematic and risk-based approach, information security governance helps organizations achieve a balance between data protection and operational continuity.a. Information Security FrameworkThe company uses the following internationally recognized frameworks and best practices:i. ISO 27001:2022 Information Security Management ii. Center for Internet Security Critical Security Controls for Effective Cyber Defense (CIS-CSC) iii. National Institute of Standard & Technology Cyber Security Framework (NIST CSF) iv. International Series of Standard for Operational Technology in Automation and control system (ISA/IEC 62443)v. National Institute of Standards and Technology Guide to Operational Technology (OT) Security (NIST SP 800-82 R3)KEAMANAN INFORMASIINFORMATION SECURITY [GRI 418]dilakukan guna menghasilkan tambahan produksi LPG nasional hingga dapat mengurangi impor LPG, juga untuk memperkuat kontribusi gas pada transisi energi.PHE Subholding Upstream akan terus berinovasi dalam pengelolaan operasi yang prudent dan excellent di dalam dan luar negeri secara professional, untuk mewujudkan pencapaian menjadi perusahaan minyak dan gas bumi kelas dunia yang Environmental Friendly, Societal Responsible Company dan Good Governance. conducted to produce additional national LPG production to reduce LPG imports, as well as to strengthen gas contribution to the energy transition.PHE Subholding Upstream will continue to make innovations in managing prudent and excellent operations at home and abroad in a professional manner, to realize the achievement of becoming a world-class oil and gas company that is Environmentally Friendly, Societal Responsible Company and Good Governance.01020304050607080910Generating Shared Value for the Community Menciptakan Nilai Bersama bagi Masyarakat11 PT Pertamina Hulu Energi 321