A Decision-Making Model for Selecting Personal Data Protection Frameworks for Companies in Indonesia

Aqil Athalla Reksoprodjo, Muhammad Dachyar, Novandra Rhezza Pratama

Research output: Contribution to journalArticlepeer-review


In the modern business landscape, companies frequently utilize personal data for various purposes. However, a lack of attention to data security can create vulnerabilities that may lead to data breaches and misuse of personal information. To bolster personal data protection efforts, the implementation of a robust data security system is imperative. Selecting an appropriate framework plays a crucial role in enhancing personal data protection measures. For companies operating in Indonesia, the absence of a dedicated personal data protection framework tailored to Indonesia's Personal Data Protection Act adds complexity to the selection process. This research aims to address this challenge by identifying the optimal framework alternative for personal data protection. To achieve this objective, an Analytical Hierarchy Process (AHP) approach is employed to ascertain the relative importance of selection criteria. Subsequently, the Technique for Order of Preference by Similarity to Ideal Solution (TOPSIS) is used to rank the available alternatives. The findings of this study reveal that ISO 27701 emerges as the top choice for the personal data protection framework for companies in Indonesia. By adopting ISO 27701, businesses can enhance their data security measures, comply with relevant regulations, and safeguard personal data more effectively. This research provides valuable insights to assist companies in Indonesia in making informed decisions to protect sensitive personal information.

Original languageEnglish
Pages (from-to)156-171
Number of pages16
JournalJournal of System and Management Sciences
Issue number2
Publication statusPublished - 2024


  • Decision Making
  • Framework Selection
  • Information Security
  • Personal Data Protection


Dive into the research topics of 'A Decision-Making Model for Selecting Personal Data Protection Frameworks for Companies in Indonesia'. Together they form a unique fingerprint.

Cite this