Publication Search

Information technology (IT) infrastructure planning plays a strategic role in supporting organizational performance and achieving business objectives. However, many organizations experience misalignment between IT infrastructure planning and organizational needs, leading to inefficiencies, limited system integration, and suboptimal utilization of IT investments (Maulana, 2024; Njanka et al., 2025). This study aims to analyze the suitability of IT infrastructure planning with organizational needs using a quantitative approach. The research framework integrates the Strategic Alignment Model (SAM), Strategic Alignment Maturity Model (SAMM), and COBIT 2019 governance principles. Data were collected through a structured questionnaire distributed to IT managers and system users. A total of 85 valid responses were analyzed using descriptive statistics and gap analysis. The results indicate that IT infrastructure planning is moderately aligned with organizational needs, particularly in supporting operational activities. Nevertheless, significant gaps were identified in system integration, scalability, and long-term infrastructure planning. These findings highlight the importance of continuous evaluation and governance-based IT planning to enhance alignment and ensure sustainable organizational performance.

The use of Information Systems and Information Technology (IS/IT) is a crucial factor in improving the efficiency and accuracy of retail sector operations. PT XYZ, a retail-level staple goods provider, has implemented IS/IT to support sales recording, inventory management, security, and operational reporting. This study aims to assess the effectiveness, efficiency, security, and compliance of the information system used. The audit was conducted through observation, interviews, document review, and system testing, referring to the COBIT framework and the ISO/IEC 27001 standard. The audit results indicated that the system supported core operational functions, but weaknesses remained, including insufficient system documentation, limited access controls, and suboptimal data security and backup mechanisms. Furthermore, reliance on manual procedures has the potential to lead to errors and slow down service delivery. Therefore, system improvements, strengthening security controls, developing standard operating procedures, and enhancing the competency of human resources and IT infrastructure are needed. This audit is expected to support improved service quality and secure, effective, and sustainable IT governance at PT XYZ.

This study investigates the role of Information Technology (IT) governance in enhancing risk management performance and ensuring regulatory compliance within multinational digital enterprises. As digital transformation continues to reshape the global business landscape, organizations face increasing challenges in managing technological risks and complying with complex regulatory requirements across various jurisdictions. The study adopts a quantitative approach, using a survey methodology to collect data from senior IT and compliance managers in multinational digital enterprises. The survey focuses on how IT governance frameworks, such as COBIT 2019 and ISO 27000, are utilized to align IT strategies with business objectives, mitigate risks, and maintain regulatory compliance. The findings indicate that organizations with well-established IT governance structures are better positioned to proactively identify and mitigate risks, ensuring greater consistency in meeting regulatory requirements. These organizations demonstrate improved risk management effectiveness, especially concerning cybersecurity, data privacy, and compliance with global regulations like GDPR. In contrast, organizations with ad hoc or decentralized governance structures struggle with fragmented risk management and compliance efforts. The study further highlights the importance of integrating IT governance frameworks with internal audit functions, specifically the Chief Audit Executive (CAE), to enhance cybersecurity resilience and ensure compliance with global standards. This research contributes to the literature by providing empirical evidence on the integration of IT governance, risk management, and regulatory compliance in multinational enterprises. It also highlights the need for a structured and systematic approach to IT governance to improve organizational performance in managing risks and ensuring consistent regulatory adherence. The study offers practical insights for organizations looking to optimize their IT governance structures in the face of rapid digital transformation.

Digital transformation initiatives have become essential for organizations seeking to remain competitive in today’s rapidly evolving technological landscape. However, many organizations face challenges due to ineffective Information Systems (IS) governance, which hampers strategic decision-making and the successful execution of these initiatives. This study aims to develop an IS governance framework that enhances decision-making quality by aligning IT decisions with organizational goals during digital transformation efforts. The proposed framework addresses existing gaps in current IS governance models, offering a solution to common challenges such as inadequate governance structures, resource constraints, and misalignment between IT and business strategies. The framework was developed through a mixed-method approach, including conceptual framework development, expert consensus via the Delphi method, and organizational validation studies. Key findings reveal that the framework improves transparency in decision-making, enhances accountability for IT decisions, and ensures better alignment between IT strategies and organizational objectives. By embedding agile leadership and data-driven decision-making principles, the framework enables organizations to respond effectively to the fast-changing dynamics of digital transformation. This study also compares the proposed framework to existing models such as COBIT and ITIL, highlighting its unique features, including its adaptability to the fluid nature of digital transformation. The framework's strengths include its comprehensiveness and flexibility, though its application may face challenges in organizations with limited digital maturity or rigid governance structures. Future research directions include exploring the integration of emerging technologies into the framework and its applicability across different organizational contexts.

The Electronic Traffic Law Enforcement (E-Tilang) system has been implemented in Jakarta as an innovative solution to address the increasingly complex problems of traffic law enforcement. This research aims to evaluate the effectiveness of the E-Tilang system's implementation by analyzing public compliance levels and measuring the system's maturity using the COBIT 2019 framework. The research method uses a quantitative approach with a survey of 113 Jakarta residents who have experience with the E-Tilang system. Data was collected through a structured questionnaire mapped to the five COBIT 2019 domains: Evaluate, , Plan and Organize (APO); Build, Acquire and Implement (BAI); Deliver, Service and Support (DSS); and Monitor, Evaluate and Assess (MEA)

PT. XYZ  applies Information Technology in business processes to achieve company goals. achieve company goals. However the use of Technology brings risks that can reduce business effectiveness and efficiency of the business. PT. XYZ faced several problems in its IT department, including network connectivity issues, human error, hardware failure, ERP system integration failure, data security, and human error, hardware failure, ERP system integration failure, data security, data backup failures, system downtime, and power outages. This research applies data collection methods through interviews and risk analysis, evaluating the steps taken by the company in managing IT risks systematically. Research results show that the application of the COBIT 5 Framework is effective in identifying, assessing, and managing IT risks, thus helping the company to minimize losses and ensure smooth operations. This research provides recommendations for improved risk management that is more structured and data-driven risk management, as well as the importance of training for IT staff to improve risk management capabilities in the company. improve risk management capabilities in the company.

Digital transformation in Information Technology (IT) governance has become a crucial aspect in improving the efficiency of public services, particularly within the Department of Community and Village Empowerment, Population, and Civil Registration of North Sumatra Province. This study aims to analyze the implementation of digital transformation in IT governance using the COBIT 2019 framework. The research method includes the analysis of regulations, the role of IT, procurement models, implementation methods, and technology adoption strategies applied by the department. The findings show that IT implementation is predominantly strategic in nature, supporting the digitization of population services and enhancing data transparency. The IT procurement model comprises a combination of outsourcing (30%), cloud computing (30%), and insourcing (40%) to balance efficiency and system control. Agile methodology is the most dominant implementation method (50%), followed by DevOps (35%) for maintenance and traditional approaches (15%) for more structured projects. The department primarily adopts a "follower" technology adoption strategy (75%), reflecting a selective approach to digital innovation. Based on COBIT 2019 evaluation, the BAI (Build, Acquire, and Implement) domain is the main focus, with high scores in solution identification and improvement management (90) and change management (100), indicating the department’s readiness to adopt digital systems. However, challenges remain in information security, inter-agency data integration, and human resource readiness. The digital transformation of IT governance at the department has been systematically implemented, supporting the improvement of population service efficiency. Enhancements in security, infrastructure, and the strengthening of IT governance policies are necessary to optimize and sustain digital transformation implementation.

One of the benefits of the development of information systems is to increase effectiveness, efficiency and convenience in various aspects of technological life, especially in the scope of education, such as at SMK Negeri 1 Banyumas which implements a library visit system. But there are also challenges in its implementation, such as theft of personal data and misuse of data by irresponsible people. By conducting an information system audit, we can better understand the weaknesses of the system, for example, using COBIT 5 to view and evaluate the information system. as in the questionnaire that we distributed shows that there are 79% of students feel safe about the library visit system and 4.8% of students feel that the library visit system is not secure enough for almost the same reasons such as the authentication system that only relies on a username in the form of NIS and no password. From this data we can provide recommendations such as implementing a password system and 2-factor authentication in order to better protect personal data, files, systems, networks, and so on so that the system becomes better and more secure.

PT Jadi Kaya Raya Bersama, founded in 2024 in Banyumas, Indonesia, focuses on providing reliable financial recording solutions for Micro, Small, and Medium Enterprises (MSMEs) through fintech-based applications. The platform is designed to support transaction recording, financial monitoring, and reporting processes to improve MSME financial management. Despite its significant potential, several technical issues have hindered the application’s performance and service quality. Key problems identified include disruptions in the WhatsApp Bot API, user authentication errors, and the lack of integration with banking systems and digital wallet services. These challenges affect transaction recording accuracy, operational efficiency, and the security of user financial data. To identify the root causes of these issues and propose appropriate solutions, a system audit was conducted using the COBIT framework as a governance and management evaluation tool. The audit process involved assessing system performance, control mechanisms, and IT service management practices. The results indicate that API disruptions were primarily caused by network instability and configuration errors, which led to interruptions in automated transaction recording services. Meanwhile, authentication problems were associated with weak login mechanisms and insufficient identity verification processes. In addition, the application’s inability to integrate with banking and e-money services created limitations in transaction synchronization and reduced overall user convenience. Based on these findings, several strategic recommendations are proposed. These include optimizing API performance, strengthening authentication systems through the implementation of Two-Factor Authentication (2FA), and developing integration capabilities with banking institutions and digital wallet platforms. The implementation of these improvements is expected to enhance system efficiency, data security, and service quality. Ultimately, strengthening the fintech application’s performance will support MSMEs financial management and contribute to sustainable digital economic growth in Indonesia.

E-Learning becomes a platform which supports technology-based learning on many aspects. The usage of E-Learning becomes the main choice especially in education world. SMK TI Bali Global Jimbaran, which is a middle level vocational school, utilizes this platform in its learning process. In its implementation process, there needs to be a precise and thorough supervision to ensure that the system runs according to business goals. This mapping is conducted to know the process used for measurements. This mapping is done by framework with COBIT 5 by applying PAM (Process Assessment Model), which is adjusted with the condition on research place. The activity measurement are derived from several domains on COBIT 5 with mapping process based on the business goals and institution goals. The domains used are EDM03, AP003, BAI07, DSS05 and MEA01. The results of governance measurement process on current capability level is on level 4 (predicable process) and the expected capability level is on level 5 (Optimizing Process) which has gap value of 2 level.

Digital transformation (DT) is a necessity for incumbent companies today, including MSMEs, to be able to continue to compete in the era of technological disruption and accelerated by the COVID-19 pandemic. This research aims to design IT governance (ITG) for BPRACo MSMEs using the COBIT 2019 SME focus area framework. The research method used is design science research (DSR) which creates artifacts in the form of ITG solution development methods and systems. The research results revealed that the highest GMO priorities selected were APO10 Managed Vendors, MEA03 Managed Compliance with External Requirements, and APO12 Managed Risk. From the analysis of the selected GMOs, there are gaps and recommendations for improvement in the seven components which are then mapped into three aspects, namely people, process and technology aspects. The results of the research analysis show that the ambidextrous IT governance approach has succeeded in increasing the level of capability in several main components of BPRACo MSMEs in adopting DT. The right ITG strategy can help BPRACo MSMEs operating in the banking industry achieve a successful DT journey.  

The integration of IT Governance and expert system design offers transformative benefits for enhancing library user services. This research employs the COBIT 5.0 framework to align IT strategies with library objectives while developing an expert system tailored for personalized recommendations. The findings indicate that the expert system significantly improves operational efficiency, service accuracy, and user satisfaction by using user profiles to recommend relevant materials and streamline the borrowing process. Testing revealed high user satisfaction levels, with 96.6% finding the system effective and 100% confirming its efficiency. Additionally, IT Governance ensures strategic integration between technological infrastructure and service quality objectives, enabling data-driven decision-making. The study also highlights challenges, such as the need for robust data management and user training, suggesting areas for future improvement. Recommendations include incorporating machine learning to enhance system intelligence, conducting regular evaluations to maintain system relevance, and testing the scalability of this approach across various types of libraries. By integrating IT Governance with an expert system, this research sets a strong foundation for modernizing library services to better meet user expectations in the digital era.

Consumer demand for fast, accurate, and precise information has accelerated the adoption of information technology (IT) as a strategic tool in this era of globalization. The implementation of IT governance in public services plays an important role in improving efficiency, productivity, and service quality, by meeting community needs effectively. This study aims to evaluate IT governance in the public service sector through the implementation of international standards such as COBIT, ITIL, and ISO/IEC 20000 which focus on risk management, information security, and service efficiency. This research method uses a qualitative approach by analyzing related frameworks and regulations, and identifying factors that support and hinder effective IT governance. The results of the study indicate that the implementation of IT governance in public services faces significant challenges, including resistance to change, limited resources, and lack of readiness to adapt to changes in community values. The success of IT governance depends on the synergy between organizational policies, information strategies, and information architecture standards applied. In addition, the ITIL-based service model that emphasizes the integration of People, Process, Products, and Partners (4P) components has proven effective in improving the quality and satisfaction of public service users. This study recommends increasing inter-agency collaboration, improving technology infrastructure, and increasing digital literacy to ensure responsive, accountable, and sustainable IT governance in the public service sector.

The objective of Waikabubak Regional Hospital's information system deployment is to streamline the administrative procedure. Information system performance must be measured or audited to ascertain its maturity in order to give information technology a positive role and to ensure that it operates in line with the hospital's planning and business objectives. Information system audits conducted with the COBIT 4.1 Framework are highly beneficial to management, auditors, and users alike. Determining the information system's maturity level at Waikabubak Regional Hospital is the goal of this study.  The ability to offer suggestions that can be used as raw material for future information system improvements is another goal of this research. The study's findings display the system maturity level score.  From a total of 20 sudomains, the information gathered at Waikabubak Regional Hospital is 3 or at level Defined Process; only 6 of these indicated a score of level 2 maturity level (Repeatable but Intuitive), which is provided as a recommendation.. Keywords: Expert System, Epilepsy, Certainty Factor    

Dinas Perpustakaan dan Kearsipan Kota Surabaya (DISPUSIP) is one of the Surabaya city government institutions whose role is to provide and manage public service facilities in the library and archives sector in the City of Surabaya. DISPUSIP has an IT Team that manages information technology including the development of Management Information Systems (MIS). In working on MIS development, the DISPUSIP IT Team experienced problems related to the division of job desks between members and the MIS work flow was unclear and undocumented because there were no procedures and documentation for MIS development activities. Therefore, MIS development governance is needed in the form of a Standard Operating Procedure (SOP) to manage MIS development activities. The preparation of SOPs in this thesis uses the gap analysis method to determine the gap between current conditions and ideal conditions. Current conditions were obtained from interviews and observations, while ideal conditions were obtained from activities in the System Development Life Cycle (SDLC), the COBIT 5 domain BAI03 framework, and ITIL v3 change management. The output produced from this thesis is a MIS development SOP document which consists of 5 procedures, namely: New MIS Planning SOP, New MIS Analysis SOP, New MIS Design SOP, New MIS Implementation SOP, and MIS Module Addition SOP verified using the interview method and validated with SOP test simulations to find out whether the SOP is appropriate.

Information technology continues to evolve over time, and this development can be leveraged across various organizational sectors. CV. Warajaya Solve Techindo, an IT Solution company, relies heavily on the implementation of information technology to support its business processes. With numerous IT services sold and used by WaySolve, new risks or problems are bound to arise. Unfortunately, WaySolve currently lacks clear guidelines for problem management. The aim of this thesis is to create SOP related to problem management that CV. Warajaya Solve Techindo can use as a reference or standard for resolving IT issues. The SOP is developed using the ITIL V3 and COBIT 5 frameworks, as both provide activities relevant to the problem management process based on existing guidelines.This thesis involves several stages: Data Collection and Analysis, SOP Document Preparation, and SOP Document Adjustment. The outcome of this thesis includes two standard operating procedure documents for IT problem management, as well as two forms with six actors assigned roles in each activity.

Abstract The utilization of information technology plays a crucial role in the operations of organizations or companies, including the Communication and Informatics Agency of East Java Province. The utilization of information technology is governed by Presidential Regulation No. 95 of 2018 on the Electronic-Based Government System (SPBE). The purpose of conducting risk management evaluation is to reduce the impact of risks within the organization and to determine the level of SPBE risk management capability. This research uses the Control Objectives for Information and Related Technologies (COBIT) 5 framework. The current assessment results for EDM03 Ensure Risk Optimization (as is) have reached Level 2 – Managed Process with a score of 74.9%, and APO12 Manage Risk (as is) has reached Level 1 – Performed Process with a final score of 79.39% with the category of L (Largely Achieved). Based on this assessment, the gap for EDM03 is one level, and the gap for APO12 is two levels

The information systems currently used by PT Media Print need to be evaluated to ensure that they remain relevant, efficient and secure. In the competitive print media industry, it is important for companies to ensure that their information systems support business processes well and provide high-quality service to customers. This audit aims to ensure that the information system functions properly, protects sensitive information, and meets organizational goals. By using an information system audit, it is hoped that it can help identify areas where improvements or improvements are needed to improve service quality and control existing security in information systems, including access management, data encryption, user activity monitoring, and data protection measures. From the research carried out, the final result was obtained, namely DSS03 (Manage Service Requests and Incidents) showing the overall level of capability in the DSS03 sub-process and the average results for the DSS03 IT Process itself are shown in table 3 process capability domain DSS03 manage operations.

The Binjai Library has developed a technology-based information service system to improve service quality for the community. This study aims to audit the information service system of the Binjai Library using the COBIT 5 framework. Based on the analysis, it was found that the information system has not reached the expected target levels in all domains. The average maturity level calculation shows a score of 1.43 or 143%, which is classified as Fully Achieved. Key findings include the near alignment of human resources and IT capabilities with institutional needs, suboptimal innovation in services, and the need for improvement in HR management and communication. This study concludes that the Binjai Library needs to implement improvements and innovations to enhance the performance of the information system and service quality.  

: This study aims to evaluate the sales information system at UMKM CKS using the COBIT 5 framework. Initial observations revealed several issues, including an unresponsive user interface and a complicated check-out process. The audit results showed an average maturity level of 1.56 or 156%, indicating a Fully Achieved (F) status with a systematic approach. However, on the capability model scale, it is at level 1, which is the Performed Process. The conclusion of this research indicates that although the sales information system has been successfully implemented, there is a need for innovation and enhancement of consumer services, as well as better communication between the company and consumers to improve the effectiveness of the information system.