Fikri, Moch Riza Ali (2022) Audit Risk Governance Dan It Governance Dengan Framework Cobit 2019 Untuk Meningkatkan Kinerja Rsud Kabupaten Sidoarjo. Masters thesis, Institut Teknologi Sepuluh Nopember.
Preview |
Text
09211750026008-Master_Thesis.pdf - Accepted Version Download (2MB) | Preview |
Abstract
Rumah Sakit Umum Daerah Kabupaten Sidoarjo (RSUD Sidoarjo) telah mengembangkan solusi-solusi teknologi informasi namun belum dapat menilai apakah langkah tersebut memberi benefit dan selaras dengan strategi perusahaan.
Penelitian ini bertujuan untuk memperoleh ukuran kapabilitas proses Teknologi Informasi termasuk Risk Governance saat ini dengan yang diharapkan serta menyusun rekomendasi guna menyelaraskannya dengan strategi bisnis rumah sakit. Metode penelitian ini menggunakan framework COBIT 2019 dan Capability maturity model integration (CMMI).
Setelah melakukan gap analysis 9 sub domain/proses : EDM01, EDM02, EDM03, APO06, APO12, APO13, dengan nilai kesenjangan 2 dan APO01,APO03 dengan nilai kesenjangan 3 mengindikasikan pengelolaan TI dinyatakan sangat tidak baik/ sangat tidak optimal, Meski ada 1 domain dan proses TI yang berhasil mencapai nilai kesenjangan 1, yaitu APO07, perusahaan dinyatakan belum mengimplementasikan proses penerapan Tata Kelola TI dan belum bisa mengindentifikasi resiko TI dengan jelas. Rekomendasinya antara lain: mengevaluasi kinerja pegawai , training penerapan manajemen risiko teknologi informasi, mengembangkan mekanisme formal (pedoman/ kebijakan/ prosedur) keamanan informasi, dan melakukan pendefinisian KPI untuk pegawai. Risk Governance yang diindikasikan EDM03 dan APO12 saat ini mencapai level 1 sedangkan yang diharapkan ada pada level 3. Hal ini menunjukkan bahwa Risk Governance yang dilakukan baru di tahap mengidentifikasi risiko namun belum dilakukan optimisasi penggunaan risk register tersebut untuk kepentingan pengambilan keputusan strategis dan menciptakan competitive advantage.
================================================================================================
The Regional General Hospital of Sidoarjo Regency (RSUD Sidoarjo) has
developed information technology solutions but has not been able to assess whether
these steps are beneficial and align with the company's strategy.
This study aims to obtain measurements, current and expected Information
Technology process capabilities and guidelines for aligning Information Technology
governance with hospital business strategies. This research method uses the COBIT
2019 framework and using the standard Capability maturity model integration (CMMI)
to measures the level of capability with the stages of the assessment activity process.
Analyzed 9 sub domains/IT Process by using gap analysis: EDM01, EDM02,
EDM03, APO06, APO12, APO13, with gap value 2 and APO01, APO03 with gap
value 3, IT management were declared as very not good/ very not optimal, although
there was 1 domain that managed to reach level 1, namely APO07, still the company
stated that it had not implemented the IT Governance. The audit recommendations
obtained included: employee development, training in the application of information
technology management, developing formal mechanisms
(guidelines/policies/procedures) for information security, and defining KPIs for
employees. Risk governance shown by EDM03 and APO12 is currently at level 1 while
the expected level is at level 3. This shows that the risk governance that has been carried
out is only in the first stage of identifying but has not been yet optimized in term of
strategic decision making and creating competitive advantages.
Item Type: | Thesis (Masters) |
---|---|
Uncontrolled Keywords: | Audit TI, COBIT2019, Tata Kelola TI |
Subjects: | T Technology > T Technology (General) > T58.5 Information technology. IT--Auditing |
Divisions: | Faculty of Creative Design and Digital Business (CREABIZ) > Technology Management > 61101-(S2) Master Thesis |
Depositing User: | Moch Riza Ali Fikri |
Date Deposited: | 13 Feb 2022 17:12 |
Last Modified: | 14 Oct 2024 03:16 |
URI: | http://repository.its.ac.id/id/eprint/93702 |
Actions (login required)
View Item |