Domain Analysis and Audit of IT Governance Based On COBIT 5 at Denpasar Industrial Training Center

I Made Artana; Nyoman Putra Sastra; Dewa Made Wiharta

doi:10.23887/janapati.v12i1.55989

Authors

I Made Artana Universitas Udayana
Nyoman Putra Sastra Universitas Udayana https://orcid.org/0000-0002-8641-1577
Dewa Made Wiharta Universitas Udayana https://orcid.org/0000-0003-2180-7965

DOI:

https://doi.org/10.23887/janapati.v12i1.55989

Keywords:

Information System Audit, COBIT 5 Framework, capability level, gap analysis

Abstract

Information technology has become a key element of organizations and one of institutions’ added value and competitive advantages. Therefore, IT must be properly managed and measured. Denpasar Industrial Training Center (BDI) has implemented the IT Governance Education and Training Information System, SISDIKLAT. These applications have never been evaluated from an IT governance perspective. This study aimed to determine domains and assess SISDIKLAT using methods relevant to COBIT 5. To assist the organization in focusing on its main objectives and strategies, a tailored governance system based on the specificities of SISDIKLAT is required. This research assist BDI Denpasar in establishing healthy governance and IT management by utilizing the COBIT 5 framework. Both qualitative and quantitative approaches are used to select relevant governance/management objectives. Four domains and nine subdomains were chosen based on the domain analysis. According to the assessment results, the capability value of each subdomain was 2--3, with a gap value of 0.2--0.8. To reach the target level, the nine subdomains were advised.

References

H. Taherdoost, “A review of technology acceptance and adoption models and theories,” Procedia Manuf, vol. 22, pp. 960–967, 2018, doi: https://doi.org/10.1016/j.promfg.2018.03.137.

M. Lee et al., “How to respond to the fourth industrial revolution, or the second information technology revolution? Dynamic new combinations between technology, market, and society through open innovation,” Journal of Open Innovation: Technology, Market, and Complexity, vol. 4, no. 3, p. 21, 2018, doi: https://doi.org/10.3390/joitmc4030021.

“Profile, Duties, and Functions of The Denpasar Training Centre (BDI) Denpasar.” https://bdidenpasar.kemenperin.go.id/ (accessed Aug. 22, 2022).

U. P. Rahargo and L. M. Jannah, “Tantangan Dalam Pengembangan Program Pelatihan Balai Diklat Industri Di Era Revolusi Industri 4.0,” Kebijakan: Jurnal Ilmu Administrasi, vol. 11, no. 2, pp. 1–9, 2020, doi: https://doi.org/10.23969/kebijakan.v11i2.2894.

S. Siregar, E. Rustamaji, and others, “Determining evaluated domain process through problem identification using COBIT 5 framework,” in 2017 5th International Conference on Cyber and IT Service Management (CITSM), 2017, pp. 1–6. doi: https://doi.org/10.1109/CITSM.2017.8089281.

Y. Mitev and L. Kirilov, “Group Decision Support for e-Mail Service Optimization through Information Technology Infrastructure Library Framework,” in 2021 16th Conference on Computer Science and Intelligence Systems (FedCSIS), 2021, pp. 227–230. doi: 10.15439/2021F93.

I. Meriah and L. B. A. Rabai, “Comparative Study of Ontologies Based ISO 27000 Series Security Standards,” Procedia Comput Sci, vol. 160, pp. 85–92, Jan. 2019, doi: 10.1016/J.PROCS.2019.09.447.

C. Gikas, “A general comparison of FISMA, HIPAA, ISO 27000 and PCI-DSS Standards,” Information Security Journal, vol. 19, no. 3, pp. 132–141, 2010, doi: 10.1080/19393551003657019.

B. S. L. Borges, “Comparison of COBIT 5 and ITIL V3 using Semantic Analysis,” 2018, [Online]. Available: https://www.semanticscholar.org/paper/Comparison-of-COBIT-5-and-ITIL-V3-using-Semantic-Borges/c91dcbbfe99b45d3a831e990865c4d56cacf6d68

L. A. Aprilianti, E. Darwiyanto, and Y. F. Arie, “Information Technology Governance Audit Using the COBIT 5 Framework (Case Study of PDAM Tirta Patriot Kota Bekasi),” Indonesia Journal on Computing (Indo-JC), vol. 6, no. 2, pp. 11–22, 2021, doi: https://doi.org/10.34818/INDOJC.2021.6.2.563.

R. Almeida, R. Lourinho, M. M. da Silva, and R. Pereira, “A model for assessing COBIT 5 and ISO 27001 simultaneously,” in 2018 IEEE 20th Conference on Business Informatics (CBI), 2018, vol. 1, pp. 60–69. doi: https://doi.org/10.1109/CBI.2018.00016.

R. Umar, I. Riadi, and E. Handoyo, “Analysis security of SIA based DSS05 on COBIT 5 using capability maturity model integration (CMMI),” Sci. J. Informatics, vol. 6, no. 2, pp. 193–202, 2019, doi: https://doi.org/10.15294/sji.v6i2.17387.

A. Razzaque, “Artificial Intelligence and IT Governance: A Literature Review,” in The Big Data-Driven Digital Economy: Artificial and Computational Intelligence, A. M. A. Musleh Al-Sartawi, Ed. Cham: Springer International Publishing, 2021, pp. 85–97. doi: 10.1007/978-3-030-73057-4_7.

R. Yunis, Djoni, and Angela, “A Proposed of IT Governance Model for Manage Suppliers and Operations Using COBIT 5 Framework,” in 2019 Fourth International Conference on Informatics and Computing (ICIC), 2019, pp. 1–6. doi: 10.1109/ICIC47613.2019.8985979.

S. Galiveeti, L. Tawalbeh, M. Tawalbeh, and A. A. A. El-Latif, “Cybersecurity Analysis: Investigating the Data Integrity and Privacy in AWS and Azure Cloud Platforms,” in Artificial Intelligence and Blockchain for Future Cybersecurity Applications, Y. Maleh, Y. Baddi, M. Alazab, L. Tawalbeh, and I. Romdhani, Eds. Cham: Springer International Publishing, 2021, pp. 329–360. doi: 10.1007/978-3-030-74575-2_17.

C. Montenegro, A. de la Torre, and N. Nuñez, “Integrated IT Governance and Management Model: Evaluation in a Developing Country,” in Trends and Applications in Software Engineering, 2018, pp. 71–81.

I. Aguilar-Alonso and J. Vergara-Calderón, “Identification of IT Governance Frameworks and Standards Implemented in Organizations,” in 2020 IEEE International Conference on Sustainable Engineering and Creative Computing (ICSECC), Dec. 2020, pp. 36–41. doi: 10.1109/ICSECC51444.2020.9557561.

A. I. Saridewi, D. M. Wiharta, and N. P. Sastra, “Evaluation of Integrated University Management Information System Using COBIT 5 Domain DSS,” in 2018 International Conference on Smart Green Technology in Electrical and Information Systems: Smart Green Technology for Sustainable Living, ICSGTEIS 2018 - Proceeding, 2018. doi: 10.1109/ICSGTEIS.2018.8709144.

S. Tranchard, “Risk management: The new ISO 31000 keeps risk management simple,” Governance Directions, vol. 70, no. 4, pp. 180–182, 2018.

B. Barafort, A.-L. Mesquida, and A. Mas, “Integrated risk management process assessment model for IT organizations based on ISO 31000 in an ISO multi-standards context,” Comput Stand Interfaces, vol. 60, pp. 57–66, 2018, doi: https://doi.org/10.1016/j.csi.2018.04.010.

G. Auth, “The Evolution of IT Management Standards in Digital Transformation: Current Status and Research Implications,” in Engineering the Transformation of the Enterprise: A Design Science Research Perspective, S. Aier, P. Rohner, and J. Schelp, Eds. Cham: Springer International Publishing, 2021, pp. 301–318. doi: 10.1007/978-3-030-84655-8_19.

Idil Kaya, “Perspectives on Internal Control and Enterprise Risk Management,” in Eurasian Business Perspectives, 2018, pp. 379–389.