Most of Organization using the Information Technology is to enhance the performance of their process business and increase the productivity. There are no doubt about the successfully of using IT, but another problems that produce from this paradigm that data security awareness. This paper will describe the assessment process of data security process management and implementation at the research object which is has implementing IT as the main support in their Process Business. The assessment model based on ISO/IEC 27002, as an internal standard of cyber security issues. The result of this paper will be input to the Object in another assessment IT process business.