IT Audit of IT Service Provider Using COBIT 4.1 Framework: Case Study at PT. XYZ

Muhammad Malik Hakim


IT service providers often campaign for the importance of having a high level of IT maturity to its customers. However, not all IT companies have a high commitment to IT management within their own organisation. As a case study, this paper attempts to measure the IT maturity level of PT. XYZ that now is a growing IT services provider. Data collection is done by interview, document study, and direct field observation. The measurement of IT maturity level is conducted using 4 domains of COBIT 4.1 Framework, consists of Plan and Organize (PO), Deliver and Support (DS), Acquire and Implement (AI), and Monitor and Evaluate (ME). The result shows a value of 2.5 which indicates that IT maturity level is at level 2 (Repeatable but Intuitive) which means low enough for companies that should have a high awareness of IT governance and commitment. This study shows that the level of IT maturity in IT service provider is not always as high as its campaign.


IT audit; COBIT 4.1; IT maturity; IT governance; IT service provider

Full Text:


Article Metrics

Abstract view : 788 times
PDF - 142 times


I. P. A. A. Putra, I. M. Sukarsa, and I. P. A. Bayupati, “Audit TI Kinerja Manajemen PT . X dengan Framework Cobit 4.1,” Lontar Komputer, vol. 6, no. 1, pp. 13–24, 2015.

C. Monica, L. W. Santoso, and Y. Yulia, “Audit Awal Sistem Informasi pada PT. X Berdasarkan Standar Control Objectives for Information and Related Technology (Cobit 4.1),” Jurnal Informatika, vol. 13, no. 2, pp. 33–38, 2016.

A. Suradi and S. Wiyanta, “Penerapan Framework COBIT untuk Identifikasi Tingkat Kematangan Tata Kelola Teknologi Informasi: Studi Kasus di Fasilkom UNWIDHA,” Khazanah Informatika, vol. 3, no. 1, pp. 38–42, 2017.

A. Arumana, A. F. Rochim, and I. P. Windasari, “Analisis Tata Kelola Teknologi Informasi Mengunakan Kerangka Kerja Cobit 4.1 pada Fakultas Teknik UNDIP,” Jurnal Teknologi dan Sistem Komputer, vol. 2, no. 2, pp. 162–169, 2014.

S. Hanief, “Audit TI untuk Menemukan Pola Best Practice Pengelolaan TI pada Perbankan (Studi Kasus PT . Bank Syariah Mandiri Cabang Denpasar),” Lontar Komputer, vol. 4, no. 2, pp. 324–335, 2013.

A. A. Shodiq and K. Ghozali, “Evaluasi Kesesuaian Struktur Organisasi Pengelola Teknologi Informasi dengan Rencana Jangka Panjang Instansi,” Jurnal Teknik ITS, vol. 1, no. 1, pp. 316–321, 2012.

E. L. Putra, B. C. Hidayanto, and H. M. Astuti, “Evaluasi Keamanan Informasi pada Divisi Network of Broadband PT. Telekomunikasi Indonesia Tbk. dengan Menggunakan Indeks Keamanan Informasi (KAMI),” Jurnal Teknik Pomits, vol. 3, no. 2, pp. 228–233, 2014.

Y. A. Rizki, A. I. Suroso, and A. Ramadhan, “Evaluasi Tata Kelola Sistem Informasi Business Intelligence pada Perusahaan Minuman Ringan,” Jurnal Manajemen Teknologi, vol. 15, no. 3, pp. 279–296, 2016.

V. U. Tjhin, “Audit Domain Acquire and Implement dengan Cobit 4 . 1 Pada PT Erajaya Swasembada Tbk,”ComTech ,vol. 5, no. 9, pp. 1086–1095, 2014.

R. Alit, I. D. Pratiwi, and M. Idhom, “Tingkat Kematangan Infrastruktur Teknologi Informasi pada Domain Acquire and Implement Menggunakan COBIT 4.1 (Studi Kasus: UPT Perpustakaan Universitas Pembangunan Nasional "Veteran" Jawa Timur),” Kinetik, vol. 2, no. 3, pp. 227–234, 2017.

R. Octavia, “Analisis Tingkat Kematangan Penyediaan Tata Kelola Teknologi Informasi di PDII LIPI Menggunakan Framework Cobit 4.1,” Baca: Jurnal Dokumentasi dan Informasi, vol. 35, no. 2, pp. 85–106, 2014.

Haes, S.D., Grembergen, W.V., 2015, "Chapter 5: COBIT as a Framework for Enterprise Governance of IT". Enterprise Governance of Information Technology: Achieving Alignment and Value, Featuring COBIT 5 (2nd ed.), Springer, Switzerland, pp. 103–128.

Ara Komputer. [online] Ara komputer. Available at: [Accessed 24 May 2020].


  • There are currently no refbacks.