Risk Management Analysis of PT XYZ Using COBIT 2019 with Domain EDM03, APO12, APO13, and DSS05

Riskila Yulita, Johan Jimmy Carter Tambotoh

Abstract


Technology that continues to develop indirectly forces people to adapt to these developments. The vital role of technology is becoming increasingly felt during the COVID-19 pandemic when all world activities are paralyzed and only allowed to communicate online. However, the enormous benefits of technology are also directly proportional to the risks that may occur. Therefore, IT Risk Management is needed to mitigate potential sources of threat. This research aims to analyze IT risk management by measuring the level of capability, gap analysis, and providing recommendations for improvement using the COBIT 2019 framework to support PT XYZ's work performance and IT security. Researchers used qualitative methods with data collection techniques through observation, interviews, and questionnaires. The results showed that the risk management domain that was the research focus EDM03, APO12, APO13, and DSS05 had a gap between the expected capabilities and what was happening in the company. Therefore, improvement recommendations are needed, such as determining the level of IT risk and socializing it with stakeholders, recording IT risk events, building an Information Security Management System (ISMS), implementing a network filtering mechanism, and regularly evaluating information about potential new threats by reviewing product security and vendor or third-party services.

Full Text:

PDF

References


World Health Orgaization, “Statement on the fifteenth meeting of the IHR (2005) Emergency Committee on the COVID-19 pandemic,” 5 May 2023. Available: https://www.who.int/news/item/05-05-2023-statement-on-the-fifteenth-meeting-of-the-international-health-regulations-%282005%29-emergency-committee-regarding-the-coronavirus-disease-%28covid-19%29-pandemic

I. Ravikumar Ramachandran, CISA, CISM, CGEIT, CRISC, CDPSE, OCA-Multi Cloud Architect, CISSP-ISSAP, SSCP, CAP, PMP, CIA, CRMA, CFE, FCMA, CIMA-Dip.MA, CFA, CEH, ECSA, CHFI, MS (Fin), MBA (IT), COBIT-5 Implementer, Certified COBIT Assessor, ITIL 4 -Managing P, “Can IT Governance Be Dispensed With?,” 20 October, 2021. Available: https://www.isaca.org/resources/news-and-trends/newsletters/atisaca/2021/volume-34/can-it-governance-be-dispensed-with#:~:text=The title of this article,of the IT governance process

A. Ahmed, B. Kayis, dan S. Amornsawadwatana, “A review of techniques for risk management in projects,” Benchmarking, vol. 14, no. 1, hal. 22–36, 2007, doi: 10.1108/14635770710730919.

M. Hasan,et al., Metode Penelitian Kualitatif, 1st ed., Tahta Media Group. 2023.

S. A. Chandra, R. Fauzi, dan I. Santosa, “Analisis dan Perancangan Proses Manajemen Kepatuhan Ti Menggunakan Kerangka Kerja Cobit 2019 Di PT Inti (persero),” eProceedings Eng., vol. 7, no. 2, hal. 9635–9642, 2020.

S. D. Haes,et al., “Information System Audit and Control Association”., COBIT 2019 Framework Governance and Management Objectives.

D. F. Tanjung, A. Oktaviana, dan A. P. Widodo, “Analisis Manajemen Risiko Startup pada Masa Pandemi COVID-19 Menggunakan COBIT® 2019,” J. Teknol. Inf. dan Ilmu Komput., vol. 8, no. 3, hal. 635, 2021, doi: 10.25126/jtiik.2021834914.

R. Anugrah, E. Utami, dan A. H. Muhammad, “Analisis Manajemen Risiko TI pada Perguruan Tinggi XYZ Berbasis COBIT 2019 Dengan Pertimbangan Domain APO12,” J. Ilm. Univ. Batanghari Jambi, vol. 22, no. 2, hal. 991, 2022, doi: 10.33087/jiubj.v22i2.2175.

J. S. A. Rajjani, B. T. Hanggara, dan Y. T. Musityo, “Evaluasi Manajemen Risiko Teknologi Informasi pada Department of ICT PT Semen Indonesia (Perseo) Tbk menggunakan Framework COBIT 2019 dengan …,” … Teknol. Inf. dan Ilmu …, vol. 5, no. 5, hal. 1734–1744, 2019, [Daring]. Tersedia pada: https://j-ptiik.ub.ac.id/index.php/j-ptiik/article/download/8982/4092

L. F. Wirawan dan J. Tambotoh, “Evaluasi Kinerja Tata Kelola Teknologi Informasi pada PT. XYZ Menggunakan COBIT 2019,” Jutisi J. Ilm. Tek. Inform. dan Sist. Inf., vol. 11, no. 3, hal. 775, 2022, doi: 10.35889/jutisi.v11i3.992.

A. Christopher, “Employing COBIT 2019 for Enterprise Governance Strategy,” ISACA, 2019. https://www.isaca.org/resources/news-and-trends/industry-news/2019/employing-cobit-2019-for-enterprise-governance-strategy#16

P. N. Anastasia, L. H. Atrinawati, P. Studi, S. Informasi, dan I. T. Kalimantan, “Perancangan Tata Kelola Teknologi Informasi Menggunakan Framework Cobit 2019 Pada Hotel Xyz perkembangan bisnis maupun tamu hotel . Dampak positif tersebut seperti jangkauan yang TI . Jika layanan TI dalam perusahaan tidak dikelola dengan baik , maka akan,” J. Sist. Inf., vol. 12, no. 2, 2020.

D. Darmawan dan A. F. Wijaya, “Analisis dan Desain Tata Kelola Teknologi Informasi Menggunakan Framework COBIT 2019 pada PT. XYZ,” J. Comput. Inf. Syst. Ampera, vol. 3, no. 1, hal. 1–17, 2022, doi: 10.51519/journalcisa.v3i1.139.

M. Silvianthie, S. Suprapto, dan A. R. Perdanakusuma, “Evaluasi Tata Kelola dan Manajemen Risiko Teknologi Informasi pada PT. IKI Karunia Indonesia menggunakan COBIT 2019,” J. Pengemb. Teknol. Inf. dan Ilmu Komput., vol. 6, no. 12, hal. 5726–5735, 2022, [Daring]. Tersedia pada: https://j-ptiik.ub.ac.id/index.php/j-ptiik/article/view/11983

M. Lestari, Y. Nataliani, dan I. R. Widiasari, “Analisis Kinerja Sistem Informasi Akademik Menggunakan Framework Cobit 2019 (Studi Kasus: Sia-Sat Uksw),” JUSIM (Jurnal Sist. Inf. Musirawas), vol. 7, no. 1, hal. 1–12, 2022, doi: 10.32767/jusim.v7i1.1424.

N. M. Parera, J. J. C. Tambotoh, “Pengukuran Kapabilitas Tata Kelola Teknologi Informasi pada DISKOMINFO Salatiga menggunakan COBIT2019,” J. SISTEMASI, vol. 13, no. 1, hal. 324-334, 2024, doi: https://doi.org/10.32520/stmsi.v13i1.3669




DOI: https://doi.org/10.32520/stmsi.v13i5.4430

Article Metrics

Abstract view : 124 times
PDF - 54 times

Refbacks

  • There are currently no refbacks.


Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.