Implementation of Quality Management System (QMS) in Enhancing Cybersecurity Governance in Organizations

Quality Management System (QMS) Cybersecurity Governance ISO 9001:2015 ISO/IEC 27001

Authors

July 15, 2026

Downloads

The rapid advancement of digital transformation has led organizations to become increasingly dependent on information governance and digital infrastructure. This dependency introduces potential risks in the form of cybersecurity threats that can disrupt business continuity, damage organizational reputation, and cause financial losses. To address these challenges, the implementation of a Quality Management System (QMS) can provide a structured framework for enhancing cybersecurity governance. This research aims to analyze the role of QMS in strengthening cybersecurity governance in organizations. The approach used was descriptive qualitative through case studies, document analysis, and expert interviews. The results show that integrating QMS principles such as continuous improvement, risk-based thinking, and stakeholder engagement into cybersecurity management significantly enhances organizational resilience against cyber threats. Additionally, the study identifies that alignment between ISO 9001:2015 (QMS standard) and ISO/IEC 27001 (Information Security Management System/ISMS) produces an effective governance framework. This alignment enables organizations to establish standardized processes, improve regulatory compliance, and foster a culture of security awareness among employees. The study concludes that QMS implementation is not only beneficial for quality assurance but also serves as a primary driver for effective cybersecurity governance. It is recommended that organizations adopt an integrated management approach that combines QMS and ISMS to achieve sustainable security governance.