As digital transformation accelerates, information security has become a top priority for organizations seeking to protect sensitive data from cyber threats. A Security Information Management System (SIMS) plays a critical role in enabling organizations to systematically manage and sustain their information security efforts. This research explores the implementation of an open-source SIMS to support IT security audits, focusing on the system's effectiveness, efficiency, and adaptability to evolving cyber threats. The advantages of open-source software, including transparency, flexibility, and cost reduction, are examined in the context of its use in security audits. A case study was conducted to evaluate the performance of an opensource SIMS within a specific organizational environment. Findings indicate that open-source solutions can provide adequate support for IT security audit processes, ensuring compliance with security standards while facilitating risk identification and mitigation. The study concludes that adopting an open-source SIMS can be an effective and economical alternative for organizations looking to enhance their information security management.