IT Audit of IT Service Provider Using COBIT 4.1 Framework: Case Study at PT. XYZ
DOI:
https://doi.org/10.21111/fij.v2i2.1236Keywords:
IT audit, COBIT 4.1, IT maturity, IT governance, IT service providerAbstract
IT service providers often campaign for the importance of having a high level of IT maturity to its customers. However, not all IT companies have a high commitment to IT management within their own organisation. As a case study, this paper attempts to measure the IT maturity level of PT. XYZ that now is a growing IT services provider. Data collection is done by interview, document study, and direct field observation. The measurement of IT maturity level is conducted using 4 domains of COBIT 4.1 Framework, consists of Plan and Organize (PO), Deliver and Support (DS), Acquire and Implement (AI), and Monitor and Evaluate (ME). The result shows a value of 2.5 which indicates that IT maturity level is at level 2 (Repeatable but Intuitive) which means low enough for companies that should have a high awareness of IT governance and commitment. This study shows that the level of IT maturity in IT service provider is not always as high as its campaign.References
I. P. A. A. Putra, I. M. Sukarsa, and I. P. A. Bayupati, “Audit TI Kinerja Manajemen PT . X dengan Framework Cobit 4.1,” Lontar Komputer, vol. 6, no. 1, pp. 13–24, 2015.
C. Monica, L. W. Santoso, and Y. Yulia, “Audit Awal Sistem Informasi pada PT. X Berdasarkan Standar Control Objectives for Information and Related Technology (Cobit 4.1),” Jurnal Informatika, vol. 13, no. 2, pp. 33–38, 2016.
A. Suradi and S. Wiyanta, “Penerapan Framework COBIT untuk Identifikasi Tingkat Kematangan Tata Kelola Teknologi Informasi: Studi Kasus di Fasilkom UNWIDHA,” Khazanah Informatika, vol. 3, no. 1, pp. 38–42, 2017.
A. Arumana, A. F. Rochim, and I. P. Windasari, “Analisis Tata Kelola Teknologi Informasi Mengunakan Kerangka Kerja Cobit 4.1 pada Fakultas Teknik UNDIP,” Jurnal Teknologi dan Sistem Komputer, vol. 2, no. 2, pp. 162–169, 2014.
S. Hanief, “Audit TI untuk Menemukan Pola Best Practice Pengelolaan TI pada Perbankan (Studi Kasus PT . Bank Syariah Mandiri Cabang Denpasar),” Lontar Komputer, vol. 4, no. 2, pp. 324–335, 2013.
A. A. Shodiq and K. Ghozali, “Evaluasi Kesesuaian Struktur Organisasi Pengelola Teknologi Informasi dengan Rencana Jangka Panjang Instansi,” Jurnal Teknik ITS, vol. 1, no. 1, pp. 316–321, 2012.
E. L. Putra, B. C. Hidayanto, and H. M. Astuti, “Evaluasi Keamanan Informasi pada Divisi Network of Broadband PT. Telekomunikasi Indonesia Tbk. dengan Menggunakan Indeks Keamanan Informasi (KAMI),” Jurnal Teknik Pomits, vol. 3, no. 2, pp. 228–233, 2014.
Y. A. Rizki, A. I. Suroso, and A. Ramadhan, “Evaluasi Tata Kelola Sistem Informasi Business Intelligence pada Perusahaan Minuman Ringan,” Jurnal Manajemen Teknologi, vol. 15, no. 3, pp. 279–296, 2016.
V. U. Tjhin, “Audit Domain Acquire and Implement dengan Cobit 4 . 1 Pada PT Erajaya Swasembada Tbk,”ComTech ,vol. 5, no. 9, pp. 1086–1095, 2014.
R. Alit, I. D. Pratiwi, and M. Idhom, “Tingkat Kematangan Infrastruktur Teknologi Informasi pada Domain Acquire and Implement Menggunakan COBIT 4.1 (Studi Kasus: UPT Perpustakaan Universitas Pembangunan Nasional "Veteran" Jawa Timur),” Kinetik, vol. 2, no. 3, pp. 227–234, 2017.
R. Octavia, “Analisis Tingkat Kematangan Penyediaan Tata Kelola Teknologi Informasi di PDII LIPI Menggunakan Framework Cobit 4.1,” Baca: Jurnal Dokumentasi dan Informasi, vol. 35, no. 2, pp. 85–106, 2014.
Haes, S.D., Grembergen, W.V., 2015, "Chapter 5: COBIT as a Framework for Enterprise Governance of IT". Enterprise Governance of Information Technology: Achieving Alignment and Value, Featuring COBIT 5 (2nd ed.), Springer, Switzerland, pp. 103–128.
Ara Komputer. [online] Ara komputer. Available at: https://www.arakomputer.com/ [Accessed 24 May 2020].
Downloads
Submitted
Accepted
Published
Issue
Section
License
Please find the rights and licenses in the Fountain of Informatics Journal (FIJ). By submitting the article/manuscript of the article, the author(s) agree with this policy. No specific document sign-off is required.
1. License
The non-commercial use of the article will be governed by the Creative Commons Attribution license as currently displayed on Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.
2. Author(s)' Warranties
The author warrants that the article is original, written by the stated author(s), has not been published before, contains no unlawful statements, does not infringe the rights of others, is subject to copyright that is vested exclusively in the author, and free of any third party rights, and that any necessary written permissions to quote from other sources have been obtained by the author(s).
3. User/Public Rights
FIJ's spirit is to disseminate articles published are as free as possible. Under the Creative Commons license, FIJ permits users to copy, distribute, display, and perform the work for non-commercial purposes only. Users will also need to attribute authors and FIJ on distributing works in the journal and other media of publications. Unless otherwise stated, the authors are public entities as soon as their articles got published.
4. Rights of Authors
Authors retain all their rights to the published works, such as (but not limited to) the following rights;
- Copyright and other proprietary rights relating to the article, such as patent rights,
- The right to use the substance of the article in own future works, including lectures and books,
- The right to reproduce the article for own purposes,
- The right to self-archive the article (please read out deposit policy),
- The right to enter into separate, additional contractual arrangements for the non-exclusive distribution of the article's published version (e.g., post it to an institutional repository or publish it in a book), with an acknowledgment of its initial publication in this journal (Jurnal Optimasi Sistem Industri).
5. Co-Authorship
If the article was jointly prepared by more than one author, any authors submitting the manuscript warrants that he/she has been authorized by all co-authors to be agreed on this copyright and license notice (agreement) on their behalf, and agrees to inform his/her co-authors of the terms of this policy. FIJ will not be held liable for anything that may arise due to the author(s) internal dispute. FIJ will only communicate with the corresponding author.
6. Royalties
Being an open accessed journal and disseminating articles for free under the Creative Commons license term mentioned, author(s) aware that FIJ entitles the author(s) to no royalties or other fees.
7. Miscellaneous
FIJ will publish the article (or have it published) in the journal if the article’s editorial process is successfully completed. FIJ's editors may modify the article to a style of punctuation, spelling, capitalization, referencing, and usage that deems appropriate. The author acknowledges that the article may be published so that it will be publicly accessible and such access will be free of charge for the readers as mentioned in point 3.
