Punto Widharto,Zaldy Suhatman,Rizal Fathoni Aji

DOI: https://doi.org/10.12928/telkomnika.v20i2.21668

2022-04-01

TELKOMNIKA (Telecommunication Computing Electronics and Control)

Abstract:The very close involvement of technology in the banking industry makes almost all banking activities and products currently dependent on information technology (IT). PT BPRS Bhakti Sumekar (PT BBS Bank) is one of the banks that realizes the importance of IT in the digital era and has included IT as part of the company's strategic plan. The company states that compliance with regulations, best practices, and standards is key to a successful IT implementation. In this study, the measurement of the capability level of corporate IT governance was conducted to determine what IT priorities were based on the company's strategic objectives and what recommendations could be given based on best practices to improve IT services in support of the company's strategic goals. The framework to be used is control objective for information and related technology (COBIT); the most widely used framework suitable for service-oriented organizations. The results of research using COBIT 2019 show how IT governance is needed by the company and what should be prioritized. The measurement results found that there is still a gap between management's expectations and the current level of capability and provide recommendations on what companies need to improve performance in order to meet expectations.

Sherly Sherly,Melissa Indah Fianty

DOI: https://doi.org/10.34288/jri.v6i2.267

2024-03-11

Jurnal Riset Informatika

Abstract:This research aims to enhance information technology (IT) governance in a financial technology company by focusing on peer-to-peer lending services. The main challenges faced by the company involve a lack of system design details, leading to post-implementation imperfections and negative impacts on business process performance, including unnecessary delays and adjustments. The lack of transparency in system evaluation is also a hindrance caused by incomplete recording of test results. Therefore, this research aims to address these challenges by utilizing the COBIT 2019 framework. The study employs a qualitative approach, utilizing data obtained through interviews and literature studies supported by the COBIT Tool Kit. The analysis is conducted on three main objectives: security management, solution identification, and IT change management, to identify disparities between the current status and desired targets. The analysis results highlight the need for improvements in specific aspects, including the lack of system design details, more precise information in the change process, and deficiencies in recording test results. Recommendations for improvement involve the development of more detailed guidelines for system design, enhanced documentation of changes, and improvements in testing instructions and result reporting. Additionally, recommendations focus on enhancing capabilities through proactive evaluation, refining security plans, developing more adaptive solution acquisition strategies, and improving testing practices. Thus, this research underscores the importance of strategic improvements within the IT and Information Systems governance framework to shape a more effective and transparent operational environment in Financial Technology companies.

English Else

Fachrizal,*Ahmad Nurul Fajar,,

DOI: https://doi.org/10.35940/ijitee.a3965.039520

2020-03-30

International Journal of Innovative Technology and Exploring Engineering

Abstract:The purpose of this research is to know the priority IT process in IT department at XYZ Organization and to know the level of capability in each IT process priority at IT department at XYZ organization. The data used and processed in this research were obtained from interviews with IT Director, IT Governance Supervisor, IT Development Supervisor, IT Operations Supervisor and Information Management Supervisor, and also observed the processes in the IT department. The result is obtained by priority IT processes and the level of capability in each of the priority IT processes at XYZ Organization. Based on the case study analysis, in order to create IT governance in accordance with the standards in the COBIT 5 framework, the organization have to improve IT governance thoroughly and continuously and fulfill the criteria in the COBIT 5 framework for all IT process in XYZ Organization.

Putra Pamungkas Sukmana,Titan Parama Yoga,Chairul Habibi

DOI: https://doi.org/10.32627/aims.v6i2.816

2023-09-18

Jurnal Accounting Information System (AIMS)

Abstract:This research was conducted to know, analyze, and audit on information system risk management on Digo.id website. The framework used in this audit research is COBIT 5 and ISO 31000, using qualitative descriptive research methods, these methods are used to obtain results that can be a clear picture of how Risk Management is implemented by the company. The results showed that the Existing Capability is at level 1, while the Capability Target is at level 3 so the final result of this audit is that the company still has 2 Capability GAPs to achieve the Capability Target.

Marco Viriyatama Lim,Melissa Indah Fianty

DOI: https://doi.org/10.46729/ijstm.v4i5.955

2023-09-27

Abstract:A retail company faced challenges such as network issues, unreliable third-party databases, and a lack of employee understanding of input transactions and the introduction of new products or services. The research employed interviews and questionnaires to address these issues and assess the company's information technology governance using the 2019 COBIT framework. The findings would help identify appropriate processes to address the company's difficulties. The prioritized domains included APO12 - Risk Management, BAI03 - Solution Identification and Development, BAI06 - IT Change Management, and BAI10 - Configuration Management. The research revealed that APO12 reached level 3 (highly achieved), while BAI03 and BAI06 reached level 4 (significantly achieved), and BAI10 achieved level 4 (completely achieved), aligning with the company's expectations. These results determine the company's IT governance level and have the potential to enhance its capabilities.

Samsinar Samsinar,Rudolf Sinaga

DOI: https://doi.org/10.19184/bst.v10i2.30325

2022-06-28

BERKALA SAINSTEK

Abstract:Reliable and up-to-date information services are one of the parameters for the achievement of an organization's performance, including for a university, which is currently required to be able to adapt to technological advances to produce graduates who can master information technology to support the competence of their respective fields. The curriculum changes launched by the current government are also proof that the application of information technology in higher education is a must. Seeing this, universities have a difficult task, especially at the implementation stage of implementing information technology, because they must prepare not only infrastructure but also human resources who can develop good information system governance. Therefore it is necessary to carry out an IT governance audit. From the results of observations made, XYZ College has utilized information technology in academic services and other information services. However, it was found that information technology governance does not yet have a standard so that it is considered not to be able to meet the desired goals, and instead will cause various problems including uncontrolled operational costs and other problems. The purpose of this study is to measure the performance of information technology governance at XYZ College using the COBIT 2019 framework. Based on the results of an audit conducted from 7 EGIT components, namely processes, organizational structure, information flow and items, people skills and competencies, policies and procedures, culture, ethical behavior, and service infrastructure and application are on average at level 3, it can be concluded that the application of information technology has been running, the infrastructure is adequate but does not have good governance procedures or standards. It is recommended that XYZ Higher Education make standards for information technology governance as well as periodic evaluations of the use of all components of information technology, both software, hardware, and brainware.

L H Atrinawati,E Ramadhani,T P Fiqar,Y T Wiranti,A I N F Abdullah,H M J Saputra,D B Tandirau,H M J Saputra and D B Tandirau

DOI: https://doi.org/10.1088/1742-6596/1803/1/012033

2021-02-19

Journal of Physics: Conference Series

Abstract:University XYZ is a state university in East Kalimantan, which established in 2014. All of its academic and non-academic activities are supported by information technology managed by the Information and Communication Technology Unit (ICT Unit). University XYZ implements an information technology governance system that aims to support the University XYZ business strategy and goals optimally. Information technology governance systems must be well managed to support business process activities in University XYZ. This study aims to evaluate the capability of information technology governance system using the COBIT 2019 framework. This study uses COBIT 2019 design tools and core model to evaluate University XYZ governance system, then provide assistance in determining a governance system that is adjusted to the COBIT 2019 capability level assessment. The result of this research is a recommendation of the core model or process and the capability level that must be implemented by University XYZ. This research will conclude that there are 11 Governance and Management Objectives that have a priority of more than 50%. This study conducts an evaluation phase of the core model or process so that recommendations are obtained for the development of information technology governance.

Albaar Rubhasy,Dewi Murti Milasari

DOI: https://doi.org/10.33322/petir.v13i1.891

2020-03-21

Petir

Abstract:The purpose of this study is to evaluate the level of IT maturity that occur in XYZ Shipping Company using COBIT 4.1 framework as a best practice in information technology audit. The company is highly depend on Key Logistics System as a core system in shipping process. For this reason, the company wants to focus on internal processes by increasing efficiency while minimizing costs, so COBIT IT Process was chosen: PO3, AI2, AI5, AI3, AI4, AI7, PO6, DS3, DS7, DS8, DS9, PO5, and DS6. An assessment was conducted on 26 Key Logistics System users as respondents. Stages of research to be carried out include: identification of the COBIT 4.1 process; data collection; measurement of current and target maturity levels; gap analysis; and preparation of recommendations. Result has shown that the average maturity score of the Key Logistics System is 3,50 or in maturity level 4 (managed). At this level the key logistics system process has been carried out and part of it has been standardized. However, results shows that there are some gaps below the target, such as IT Process PO5, AI2, and AI5 which have maturity level 3 (defined). In order to improve the maturity level, XYZ Shipping Company has to optimize the IT investement, application maintenance, and IT resources.

I Putu Agus Raditya Pramita,Gede Indrawan,Komang Setemen

DOI: https://doi.org/10.31763/businta.v7i2.639

2023-11-27

Bulletin of Social Informatics Theory and Application

Abstract:A hospital's operations, such as patient registration, medical management, financial management, and upgrading the services offered in the hospital, are managed and organized using an application system called a hospital management information system (HMIS). Because the lack of evaluation in the usage of HMIS has led to insufficient security in the HMIS, this research focuses on Saraswati Dental and Oral Hospital as the research site. Due to lax security measures, confidential data is readily accessible. The prevalence of duplicate data entry is an issue, and the success of HMIS performance implementation is still unknown. The COBIT 5 framework has been used to administer the HMIS at Saraswati Dental and Oral Hospital using the MEA (Monitor, Evaluate, Assess) and BAI (Build, Acquire, Implement) domains in response to these problems. This decision was made with the intention of aligning the application with the necessary features, monitoring system security, evaluating, and assessing the domain's alignment with the hospital's strategy in order to ascertain whether the current system still achieves the intended goals and maintains the controls required to satisfy the requirements. This study makes use of questionnaire, observation, and interview techniques. The capacity levels used in the COBIT 5 study were taken from ISO/IEC 15504-2-2003, and they were combined using straightforward mathematical calculations in accordance with the rules for computing capability values. Weaknesses or flaws in the security system that need to be fixed can be found by analyzing the capability levels in the MEA and BAI domains. The study's findings include suggestions for increasing the security system, which will enhance Saraswati Dental and Oral Hospital's HMIS performance and give users and patients with more beneficial outcomes

Inna Madiyaningsih,Kalamullah Ramli

DOI: https://doi.org/10.31943/gw.v14i2.476

2023-08-15

Gema Wiralodra

Abstract:Based on the report security year 2022 from company Z in the ICT sector, it was found that on the report firewall security, 96% of level threat is level critical, and 4% is level high. Report email security is session domain 27.3%; Session limits 15.35 %; Forti Guard AntiSpam-IP 3.11%, and the rest is receipt verification; directory filter and access control relay denied. With the challenge of current cyber-attacks, precious data assets need analysis to measure the the level of IT maturity that can ensure stakeholders' interest and maximize benefits and opportunities through technology information. We overcome limitations by analyzing IT maturity using COBIT 5. Research focused only on the APO13 and DSS05 process domains. A study was done to identify the problems based on results observation, checking, and use of a questionnaire in a direct manner. Measurement is done through method evaluation self and interviews deep with the IT team and all power expert who has COBIT certification 5. Analysis results show that the measurement level for the APO13 domain is 3, and for DSS05 is level 2. These results still need to be below the set level 4 target management; therefore, building a framework to monitor, track, and record security data in real time is necessary. With the build framework, Work can help lower the threat level from a critical level to a high level and increase the COBIT Maturity Level to APO13 and DSS05 according to organizational targets.

Ray Farhan Mubarak,Melissa Indah Fianty

DOI: https://doi.org/10.51519/journalisi.v5i3.545

2023-09-01

Journal of Information Systems and Informatics

Abstract:The integration of Information Technology (IT) in companies comes with its own set of challenges. One major issue is the loss of operational data, which directly affects the company's workflow and disrupts its activities. To tackle this problem, the company assesses its IT capability using the COBIT 2019 framework. This framework outlines the objectives of different IT processes and assigns predetermined values to each process. The assessment reveals three levels of IT capability for specific processes within the company: EDM03 (Ensured Risk Optimization) at level 3, APO13 (Managed Security) at level 2, and MEA03 (Managed Compliance with External Requirements) at level 3. The company aims to reach level 4 for these processes. Consequently, recommendations for improvement primarily focus on enhancing the management of information security risks and information security management systems, as well as increasing compliance with policies and regulations.

Jesslyn Kurniawan,Wella Wella

DOI: https://doi.org/10.31937/si.v14i2.3223

2023-12-21

Abstract:PT XYZ is a management consulting company in Jakarta. This company has many products related to information technology. Therefore, measuring the capability of information technology governance at PT XYZ was carried out. The measurement of information technology governance capability is based on problems that are often faced by companies in terms of project management followed by problems related to the company's IT budget and human resources skilled in information technology. Capability measurement is carried out using COBIT 2019 with a qualitative approach. Using data collection methods with interviews and literature study. The results of the data collection showed that there were 3 COBIT 2019 domain processes that matched the company's problems, namely APO06 - Managed Budget and Costs, APO07 - Managed Human Resources, and BAI11 - Managed Projects. The results of the capability measurement carried out concluded that the three selected domain processes namely APO06, APO07, and BAI11 were achieved at level 2 or can be categorized as Fully Achieved so that companies get several recommendations for improvement to improve the quality of their information technology governance and reach a higher level.

Francis Anderson Kojongian,Mewati Ayub

DOI: https://doi.org/10.28932/jutisi.v7i1.3434

2021-04-24

Jurnal Teknik Informatika dan Sistem Informasi

Abstract:In order to achieve the company goals, in Universitas Kristen Maranatha, Information system becomes the main tool and Information Technology infrastructure become the backbone in running the company business model, along with the increasing of portfolio application, number of Information Technology services and the amount of human resources. Universitas Kristen Maranatha requires an international standard instrument to measure several domains, both Manage and Operation domains, holistically. By implementing frameworks such as COBIT 5 or COBIT 5 for IT RISK, ISO 31000: 2018, the company is able to measure planning effectiveness, strategic policies implementation, IT service management measured by Service Level Agreement, monitoring and evaluation. In this research, there are 7 domains implemented as follows: EDM01-Ensure Governance Framework Setting and Maintenance, EDM03- Ensure Risk Optimization, AP002- Manage Strategy, APO09- Manage Service Agreements, AP012-Manage Risk, BAI01-Manage Programmes and Projects, BAI05- Manage Organizational Change Enablement.

English Else

Agustin Simatupang,Henricus Judi Adrianto

DOI: https://doi.org/10.21456/vol14iss2pp162-170

2024-03-05

JURNAL SISTEM INFORMASI BISNIS

Abstract:The development of Information Technology (IT) is rapidly growing and has increasing risks. Based on the Decision of the Ministry of State-Owned Enterprises S-122-MBU-DSI-05-2021 regarding the implementation guidelines for the assessment of IT Maturity Levels, companies are required to carry out an independent assessment of the maturity level of information technology. This research aims to assess the governance of IT risk management using the COBIT 2019 framework. The research method was carried out using descriptive qualitative methods using the COBIT 2019 framework and literature review, as well as through interviews, observations, questionnaires and review of company documents. The assessment results showed an average maturity level of 3.00 (Established) for 2 COBIT 2019 processes which were considered relevant to Information Technology Risk Management. On average, the 2019 COBIT processes have been implemented at PT XYZ is already running well with the IT risk management maturity level at level 3 and initiatives are still needed to reach maturity level 4 or better. Maturity level 3 means the process has been managed and achieved its goals in a more organized manner using organizational assets and resources. The process has been well defined with policies and standard operating procedures for the process and is carried out in accordance with good risk management and supports the Good Corporate Governance. In the process of increasing the maturity level of information technology risk management to higher level, there are 7 (seven) main recommendations to be implemented so that the information technology risk management process can improve and the implementation of recommendations from the assessment results will be prioritized in the implementation roadmap IT according to Company needs and targets.

Muthmainnah Muthmainnah,Desvina Yulisda,Veri Ilhadi

DOI: https://doi.org/10.52088/ijesty.v2i1.223

2021-11-29

Abstract:The use of Information Technology (IT) in higher education is said to be useful if its application is in accordance with the vision and mission of the organization. Academic information system audit is a method of assessing or assessing academic information systems to ensure that the governance and management functions of the information system are implemented properly. Unimal is a university that has implemented information technology in its operational processes. In achieving the organization's vision, the use of IT in the organization must always be monitored so that the services provided to users can be maximized, including by conducting an audit process to identify the level of IT maturity so that IT management can find solutions from processes that are considered less than optimal. This study aims to measure the level of capability of Unimal Academic Information Technology using COBIT 5 Domain APO (Align, Plan, and Organise) in the APO01, APO02, APO04 and APO11 processes. The focus of the research is also based on the need for priority processes in the Malikussaleh University environment and research related to the APO domain has not been carried out. The purpose of this study in general is to analyze Academic Information Technology using the COBIT 5 framework in the APO domain at the Malikussaleh University, as well as to provide solutions for improving academic information technology and IT implementation at the Malikussaleh University.

Elisabet Dela Marcela,Melissa Indah Fianty

DOI: https://doi.org/10.33022/ijcs.v12i4.3353

2023-08-30

Indonesian Journal of Computer Science

Abstract:The utilization of the Peoplesoft Campus Solution (MyUMN) technology, which has become excessively outdated, necessitates an evaluation, development, and rejuvenation of MyUMN to address any occurring issues with definitive solutions. An assessment of the Information Technology governance capability level is carried out using the COBIT 2019 framework. This research focuses on the following specific objectives: BAI03 (Managed Solutions Identification and Build), BAI06 (Managed IT Changes), and BAI07 (Managed IT Change Acceptance and Transitioning). The measurement results reveal that the capability levels for all three objectives are at level 2, while the targeted capability level is at level 4. Consequently, there exists a gap between these two levels. Recommendations encompass prioritizing the documentation of application development and conducting routine reviews of all completed change requests to ensure the alignment of change requests

Taufik Hidayat,Cahyani Budihartanti

DOI: https://doi.org/10.54593/awl.v2i2.14

2021-10-26

JURNAL WIDYA

Abstract:Beiersdorf Indonesia merupakan perushaan FMCG multi nasional yang bergerak dalam kategori perawatan kulit. Dalam operasional perusahaan dalam rangka mengakselerasi dan memonitor penjualan menggunakan aplikasi DAR & BFAST. DAR & BFAST adalah sistem aplikasi yang mendukung proses bisnis dengan fungsinya memonitor aktifitas SPG & Salesman. Masalah yang dihadapi adalah perlunya evaluasi dengan melakukan penilaian tata kelola dan manajemen TI untuk mengetahui kondisi TI saat ini dan pemahaman mengenai kemampuan untuk mencapai tujuan bisnisnya. Penelitian ini akan berfokus pada penilaian kapabilitas proses tata kelola dan manajemen TI pada domain BAI COBIT versi 5 dengan berfokus pada domain proses BAI02 dalam rangka untuk menilai kapabilitas proses terkait pengelolaan pendefinisian kebutuhan dari implementasi DAR & BFAST. Metode penelitian yang digunakan adalah memakai framework penilaian yang mengacu pada COBIT (Control Objective for Information and Related Technology) versi 5. Terdapat Process Assessment Model (PAM) pada framework ini untuk menentukan tingkat efektifitas dan efisiensi dari sekumpulan proses, dengan cara mengevaluasi tingkat kematangan kapabilitasnya. Metode pengumpulan data pada penelitian ini adalah dengan menyebarkan kuesioner dan wawancara ke pihak penanggung jawab proses-proses yang ada. Hasil penilaian implementasi TI berbasis COBIT versi 5 di PT Beiersdorf Indonesia Indonesia menunjukkan tingkat kapabilitas proses TI domain proses BAI02 berada pada level 1 (Performed) dengan skala 24% dengan tingkat pencapaian P (partially achieved). Rekomendasi perbaikan disusun untuk mencapai target tingkat kapabilitas yang diharapkan.

Fathimatus Zahrotun Nisa',Ganes Dwi Febrianti,Navy Nurlyn Ajrina

DOI: https://doi.org/10.47065/bulletincsr.v4i1.313

2023-12-13

Abstract:The use of Information Technology (IT) is an important part of all business activities, especially in the service sector. It is important to ensure the security, availability and integrity of their systems. The impact of failure in IT Risk Management greatly influences success. The implementation of IT Risk Management is needed to be able to help companies in the event of losses. In its use, a framework is needed that functions to identify, evaluate and manage existing risks. Therefore, this research will show the COBIT framework that is suitable for managing existing risk management. This research was carried out using the Systematic Literature Review method which started from the stages of formulating research questions, literature search, literature selection, data extraction and discussion aimed at answering Research Questions. In this research, 25 articles were found which were used as literature sources. The research results show that COBIT 2019 is the version of COBIT most often used in IT Risk Management in the industrial service sectors. In implementing COBIT, companies face various challenges such as lack of in-depth understanding of COBIT, lack of work process documentation and lack of operational standards for risk control and incompatibility of IT strategy with company strategy. This research also found that there are 8 points of COBIT implementation strategy to help service industry companies achieve organizational goals more effectively and efficiently through IT risk management.

Ramadhan Syaeful Bahri,Yeffry Handoko Putra

DOI: https://doi.org/10.34010/aisthebest.v8i2.12175

2024-01-31

is The Best Accounting Information Systems and Information Technology Business Enterprise this is link for OJS us

Abstract:This study aims to establish a framework for governing information systems in Micro, Small, and Medium Enterprises (MSMEs), focusing on decision-making processes in advanced and emerging MSME clusters. COBIT 5 is employed to identify variables and guide the research stages. The research will specifically examine MSMEs located in Bandung District. The evaluation of governance quality for each target, which includes Nurtured MSMEs and Advanced MSMEs, involves utilizing the Process Assessment Model (PAM) derived from COBIT 5. In addition to gathering preliminary data through interviews and surveys conducted in Bandung District, this initial investigation also involved a comparative analysis of various methods employed in prior research about the study's subject matter. The findings from this study reveal that the data processing procedures for MSMEs in the Bandung Regency involve the use of computer/laptop devices. However, certain MSMEs face challenges in adequately managing the acquired data, emphasizing the necessity for more effective data management to ensure the produced data attains the quality required for constructing a model for advanced MSMEs. On the contrary, some other MSMEs in the Bandung Regency exhibit proficient data management practices, conducting regular evaluations of data and information, and basing their decisions on the analyzed data. These two scenarios serve as benchmarks for understanding the decision-making processes of both emerging and advanced MSMEs about data. The aspiration is that the outcomes of this study can serve as a benchmark, offering best practices for MSMEs to enhance the quality of their Decision-Making and achieve excellence in their business operations.

Bernadus Gunawan Sudarsono,Vincent Ray Ananda,Michael Renaldi Kandi

DOI: https://doi.org/10.30813/jbase.v6i1.4311

2023-04-14

JBASE - Journal of Business and Audit Information Systems

Abstract:Perusahaan peralatan tambang adalah perusahaan yang menyediakan barang untuk kebutuhan industri pertambangan. Aplikasi yang digunakan oleh perusahaan alat pertambangan adalah Odoo. Aplikasi ini akan membantu perusahaan dalam menyusun laporan keuangan. Odoo adalah aplikasi keuangan terkomputerisasi yang membantu dalam proses bisnis dan meningkatkan kualitas pelaporan. Audit sistem informasi yang dilakukan pada Odoo adalah untuk mengevaluasi dan mengetahui apakah aplikasi yang digunakan oleh perusahaan dapat membantu perusahaan dalam memdukung proses bisnis yang berjalan. Untuk melakukan hal tersebut, peneliti menggunakan COBIT 5 dengan menggunakan domain DSS (Deliver, Service, and Support) yang berfokus pada sub-domain DSS03 (Manage Problems). Data yang diperoleh selama peneliti melakukan penelitian dianalisis menggunakan capability level untuk mengetahui tingkat kematangan dari aplikasi Odoo. Rata-rata capability level yang diperoleh adalah 2,75 dengan expected level adalah 4. Hasil penelitian berdasarkan analisis capability level dan setiap proses diberikan rekomendasi dan saran yang akan diimplementasikan oleh perusahaan dengan tujuan untuk perubahan agar kedepannya lebih baik.