Perancangan Rencana Tata Kelola dan Manajemen Teknologi Informasi Menggunakan COBIT 2019 dan NIST SP 800-53 Rev 5 (Studi Kasus: Instansi Pemerintah ABC)

Authors

  • Hafizh Ghozie Afiansyah Politeknik Siber dan Sandi Negara
  • Amiruddin Amiruddin Politeknik Siber dan Sandi Negara

DOI:

https://doi.org/10.56706/ik.v16i1.38

Abstract

Untuk mendukung fungsinya sebagai instansi pemerintahan, Instansi Pemerintah ABC menggunakan layanan teknologi informasi (TI) untuk membantu proses bisnis dan penyediaan layanan publik. Untuk mendapatkan hasil yang maksimal dari penggunaan TI, diperlukan adanya rencana tata kelola dan manajemen terhadap TI sehingga penggunaanya dapat sejalan dengan tujuan dan capaian yang diinginkan dari instansi. Pada penelitian ini, dilakukan perancangan rencana tata kelola dan manajemen TI untuk Instansi Pemerintah ABC dengan menggunakan kerangka kerja COBIT 2019 dan kendali dari NIST SP 800-53 Rev 5. Hasilnya, terdapat 9 proses dari COBIT 2019 dan 14 kendali dari NIST SP 800-53 Rev 5 yang dapat diterapkan oleh Instansi Pemerintah ABC sebagai rencana tata kelola dan manajemen TI.

References

National Institute of Standards and Technology (NIST), Information Security Handbook: A Guide for Managers, Special Publication (SP) 800-100, Washington, D.C.: U.S. Department of Commerce, 2006.

Committee on National Security Systems (CNSS), CNSSI No. 4009: Committee on National Security Systems Glossary, Committee on National Security Systems, 2015.

Office of Management and Budget (OMB), Managing Information as a Strategic Resource, Circular A-130, Office of Management and Budget, 2016.

ISACA, COBIT 2019 Framework: Designing an Information and Technology Governance Solution, Illinois: ISACA, 2018.

ISACA, COBIT 2019 Framework: Introduction and Methodology, Illinois: ISACA, 2018.

National Institute of Standards and Technology (NIST), Guide for Conduction Risk Assessments, Special Publication 800-30 Revision 1, Washington, D.C.: National Institute of Standards and Technology, 2012.

IT Governance Institute, Board Briefing for IT Governance, 2nd Edition, Information Systems Audit and Control Association, 2003.

National Institute of Standards and Technology (NIST), Security and Privacy Controls for Information Systems and Organizations, Special Publication (SP) 800-53 Revision 5, Washington, D.C.: U.S. Department of Commerce, 2020.

M. Yasin, A. Akhmad Arman, I. J. M. Edward and W. Shalannanda, "Designing Information Security Governance Recommendations and Roadmap Using COBIT 2019 Framework and ISO 27001:2013 (Case Study Ditreskrimsus Polda XYZ)," 2020 14th International Conference on Telecommunication Systems, Services, and Application. https://doi.org/10.1109/TSSA51342.2020.931087

A. M. Fikri, H. S. Priastika, N. Octaraisya, S. and L. H. Trinawati, "Rancangan Tata Kelola Teknologi Informasi Menggunakan Framework COBIT 2019 (Studi Kasus: PT XYZ)," Information Management for Educators and Professionals, vol. 5, no. 1, pp. 1-14, 2020

Presiden RI, Peraturan Pemerintah Nomor 71 Tahun 2019

A Hardani, H. Andriani, J. Ustiawaty, E. F. Utami, R. R. Isitiqomah, R. A. Fardani, D. J. Sukmana dan N. H. Auliya, Metode Penelitian Kualitatif dan Kuantitatif, Yogyakarta: CV. Pustaka Ilmu Group, 2020.

J. D. Paton-Romero, M. T. Baldassarre, M. Rodriguez and M. Piattini, "Application of ISO 14000 to Information Technology Governance and Management," Computer Standards & Interfaces, pp. 180-202, 2019. https://doi.org/10.1016/j.csi.2019.03.007

R. Tawafak, A. Romli, S. Malik and M. Shakir, "IT Governance Impact on Academic Performance Development," International Journal of Emerging Technologies in Learning (iJET), vol. 15, no. 18, pp. 73-85, 2020. https://www.learntechlib.org/p/217886/

P. Mulgund, P. Pahwa and G. Chaudhari, "Strengthening IT Governance and Controls Using COBIT: A Systematic Literature Review," International Journal of Risk and Contingency Management (IJRCM) , vol. 8, no. 4, pp. 66-90, 2019. https://doi.org/10.4018/IJRCM.2019100104

A. Cater-Steel, "Information technology governance and service management: Frameworks and adaptations. Information science references.," Information Science References, 2009.

https://doi.org/10.4018/978-1-60566-008-0.ch003

A. R. Kan, "Managing a multi-billion dollar IT budget," in International Conference on Software Maintenance (ICSM), 2003.

https://doi.org/10.1109/ICSM.2003.1235400

G. Ridley, J. Young and P. Carroll, "COBIT and its utilization: a framework from the literature," in 37th Annual Hawaii International Conference on System Sciences, 2004.

https://doi.org/10.1109/HICSS.2004.1265566

W. Delone, D. Migliorati and G. Vaia, "Digital IT governance," CIOs and the Digital Transformation, pp. 205-230, 2018.

https://doi.org/10.1007/978-3-319-31026-8

P. Weill, J. W. Ross and J. W. Ross, "TOP-performing CIOs in the digital era," 2016. [Online]. Available: https://cisr.mit.edu/blog/documents/2016/05/19/2016_0501_digitaleracios_weillwoerner.pdf/.

Downloads

Submitted

08-02-2022

Accepted

19-05-2022

Published

23-05-2022

Issue

Section

Articles