The Financial Services Authority (OJK) has taken significant steps in strengthening its information security framework by adopting the ISO/IEC 27001:2022 standard for Information System Security Management (MPSI). This adoption reflects OJK¡¯s commitment to the best international practices in securing sensitive data and maintaining robust cybersecurity measures. Following this; OJK has successfully obtained the corresponding certification; demonstrating its adherence to stringent security protocols.OJK has expanded its technological infrastructure by deploying multiple information system services; including applications; networks; and office tools; on cloud service providers (CSPs). These services are hosted and managed by CSPs to enhance operational efficiency; scalability; and security. By leveraging cloud solutions; OJK can improve accessibility while maintaining a high level of data protection; aligning with international cybersecurity standards.To realize this vision; OJK aims to develop and implement a comprehensive Information System (IS) Security Management policy for internet-facing applications and information system services. This policy must align with ISO/IEC 27032; 27002; and 27001; covering critical aspects such as roles; governance frameworks; methodologies; processes; and applicable technical security controls. Furthermore; OJK plans to formulate security policies for services¡ªincluding applications; networks; and office tools¡ªhosted and managed by cloud service providers (CSPs). This collaboration is essential to strengthening OJK¡¯s cybersecurity resilience while ensuring compliance with international standards.