Public Complaint Recording System Application Based on ISO/IEC 29119:2022 Standard

Authors

Keywords:

Software Testing, ISO/IEC 29119:2022, Black Box Testing, Complaint System, Application Security

Abstract

The Public Complaint Recording Application is a web-based platform created using PHP Native and Bootstrap 5. This study was conducted to analyze the quality of the application through a systematic testing process in accordance with the ISO/IEC 29119:2022 standard using the Black Box Testing approach. The focus of this testing is on key features, such as authentication (registration and login), complaint data management (CRUD operations), report printing, and the application exit mechanism. Of the total 25 test scenarios evaluated, the application showed a success rate of 40%, with details of 10 successful scenarios (Pass), 14 unsuccessful scenarios (Fail), and 1 scenario appearing with a partially successful result. In addition, this study identified 10 bugs with varying levels of severity. Among these bugs, five of them are categorized as Critical because they are directly related to the system's security aspects. Critical bugs discovered include vulnerabilities to SQL Injection, XSS attacks, authorization flaws that allow unauthorized access, security holes in the file upload feature, and direct access to URLs without authentication. These findings indicate several security risks in the application that need to be addressed immediately. This study provides recommendations for improvements that should be prioritized, especially related to the implementation of input validation, session management, authorization control, and the use of prepared statements to prevent SQL Injection attacks. With improvements in these areas, it is hoped that the security, reliability, and overall quality of the application can be improved, so that the system can be used safely and effectively by the public.

References

Sari, R. (2021). Pengujian sistem informasi akademik menggunakan ISO/IEC 29119. Jurnal TEKNOSI.

Winata, W. (2021). Pengujian website EPOS dengan black box dan equivalence partitioning.Jurnal Informatika.

https://ojs.uajy.ac.id/index.php/jiaj/article/view/6780

(2025). Analisis kerentanan keamanan website menggunakan OWASP Top-10: Studi kasus Web BNPB. Indonesian Journal of Education And Computer Science.

PDF: https://jurnal.intekom.id/index.php/indotech/article/view/1411

Yusuf, M. F., Hikmah, I. R., & Amiruddin. (2025). Security testing of XYZ website application using ISSAF and OWASP WSTG v4.2 methods. Teknika, 14(1), 66–77.

PDF: https://ejournal.ikado.ac.id/index.php/teknika/article/view/1156

Sugara, V. I., & Sriyasa, I. W. (2024). Analisis keamanan web menggunakan OWASP. The Indonesian Journal of Computer Science, 13(2).

PDF: https://ijcs.net/ijcs/index.php/ijcs/article/view/3736

Rafeli, A. I., Seta, H. B., & Widi, I. W. (2025). Pengujian celah keamanan website menggunakan OWASP WSTG. Informatik.

PDF: https://ejournal.upnvj.ac.id/informatik/article/view/4632

Widianto, F., Wijaya, E. S., Harjono, H., & Wicaksono, A. P. (2025). Analisis kerentanan aplikasi web menggunakan metode PTES. Jurnal Pendidikan dan Teknologi Indonesia, 5(1), 155–166.

PDF: https://www.jpti.journals.id/index.php/jpti/article/view/609

Herman, H., Riadi, I., Kurniawan, Y., & Rafiq, I. A. (2023). Analisis keamanan website menggunakan ISSAF. Jurnal Teknologi Informatika dan Komputer, 9(1).

PDF: https://journal.thamrin.ac.id/index.php/jtik/article/view/1439

Febrian, D. W., Huwae, R. B., & Mardiansyah, A. Z. (2025). Security analysis of university websites against SQLi, XSS & IDOR attacks. BITe, 7(1), 25–38.

PDF: https://journal.universitasbumigora.ac.id/bite/article/view/5032

Siddiq, M., & Subandri, M. A. (2025). Pengujian kualitas website Kelurahan Rimba Sekampung berdasarkan ISO 29119:2022. SABER, 3(4), 29–39.

PDF: https://jurnal.stikes-ibnusina.ac.id/index.php/SABER/article/view/3213

Fachrurrozi, M., & Widodo, W. (2021). Pengujian aplikasi web menggunakan metode Black Box Testing. Jurnal Teknologi dan Sistem Informasi, 8(3).

PDF: https://ojs.trigunadharma.ac.id/index.php/jtsi/article/view/1044

Utami, D., & Hidayat, T. (2022). Implementasi Black Box Testing pada aplikasi layanan masyarakat. Jurnal Sisfokom, 11(2), 178–189.

PDF: https://jurnal.stmikroyal.ac.id/index.php/sisfokom/article/view/1917

Romadhoni, R., & Nuryasin, I. (2023). Analisis kondisi keamanan aplikasi web menggunakan OpenVAS. Jurnal Teknik Informatika Unika, 12(1).

PDF: https://ejournal.unika.ac.id/index.php/jti/article/view/6574

Putra, R. A., & Rahmatullah, A. (2020). Penerapan metode Black Box pada sistem informasi aduan masyarakat. Jurnal Teknologi Informasi, 9(2).

PDF: https://journal.amikom.ac.id/index.php/ijcit/article/view/1205

Aldiansyah, H., & Kurniawan, D. (2021). Analisis keamanan web berbasis PHP menggunakan teknik security testing. Jurnal Ilmiah Teknologi Informasi, 15(1).

PDF: https://jurnal.polsri.ac.id/index.php/sinkron/article/view/2319

Sembiring, A., & Hutabarat, D. (2023). Pengujian kerentanan aplikasi dengan BurpSuite. Jurnal Rekayasa Sistem & Teknologi Informasi, 7(4).

PDF: https://jim.teknokrat.ac.id/index.php/JIRSTI/article/view/2763

Amalia, N., & Rohman, M. (2024). Security testing pada aplikasi e-government. Jurnal Sistem Informasi dan Keamanan, 10(1).

PDF: https://journal.unisayogya.ac.id/index.php/jsik/article/view/3941

Fathoni, A., & Saputra, Y. (2023). Evaluasi keamanan web UMKM menggunakan OWASP ZAP. Jurnal Teknologi Komputer, 1).

PDF: https://journal.itk.ac.id/index.php/jtk/article/view/1847

Rizqi, M., & Satria, A. (2020). Testing dan analisis kualitas software berbasis web. Jurnal Informatika Polinema, 4(2).

PDF: https://jurnal.polinema.ac.id/index.php/inf/article/view/2240

Damanik, R., & Ginting, R. (2022). Uji keamanan website menggunakan OWASP dan SQLMap. Jurnal Teknik Informatika UNIMED, 11(2).

PDF: https://jurnal.unimed.ac.id/202/index.php/jti/article/view/30923

Fajri, H., & Rafiudin. (2024). Analisis kelemahan autentikasi pada platform pengaduan publik berbasis web. Jurnal Informasi & Teknologi, 6(1).

PDF: https://ejournal.unib.ac.id/index.php/infortech/article/view/3879

Mahendra, Y. S., & Arfianto, N. (2019). Pengujian fungsional sistem layanan publik menggunakan Black Box Testing. Jurnal Sains dan Teknologi Komputer, 4(3).

PDF: https://jurnal.stkipsimbah.ac.id/index.php/jstk/article/view/1331

JISBT-DECEMBER-2025

Downloads

Published

2025-12-31

Issue

Vol. 1 No. 4 (2025): Journal of Information Systems and Business Technology

Section

Articles

License

Copyright (c) 2025 Achmad Irvan Zidny, Nazilah Marzukoh, Chairul Anwar (Penulis)

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.

Creative Commons Attribution 4.0 International (CC BY 4.0).

How to Cite

Irvan Zidny, A., Marzukoh, N., & Anwar, C. (2025). Public Complaint Recording System Application Based on ISO/IEC 29119:2022 Standard. Journal of Information Systems and Business Technology, 1(4), 137-142. https://journal.jci.co.id/jisbt/article/view/267

Most read articles by the same author(s)

1 2 3 > >>