Assessment of IT Governance Capability Level Using the COBIT 2019 Framework: A Case Study of XYZ Institution
DOI:
https://doi.org/10.26418/jp.v11i2.95073Keywords:
IT Governance, COBIT 2019, Capability Level, Design Factors, Goals Cascade, RecommendationAbstract
XYZ Institution recognizes Information Technology (IT) as a strategic enabler essential for achieving organizational objectives and advancing its digital transformation objectives. IT governance plays a critical role in ensuring alignment between the utilization of IT and the achievement of strategic objectives. In today"™s digital era, the presence of structured, measurable, and strategically aligned IT governance has become essential to support both operations and business goal attainment. To address this issue, the study adopts an IT governance capability level assessment approach based on the COBIT 2019 framework. The methods used include Design Factors and Goals Cascade to identify the relevant Governance and Management Objectives (GMO) tailored to the organization"™s characteristics. Following this mapping, a capability level assessment is conducted using process activity parameters defined in COBIT 2019. The results indicate that most IT governance areas have achieved a satisfactory level of capability. Four processes (EDM02, APO12, DSS04, DSS06) achieved Capability Level 5, indicating optimized performance. Eleven processes (EDM04, APO02, APO03, APO04, APO05, APO08, BAI01, BAI02, BAI03, BAI08, BAI11) achieved Capability Level 4, reflecting established and managed practices. One process (BAI05) is currently at Level 3, highlighting an opportunity that can be further developed to align with higher-performing areas. This study contributes theoretically by providing a reference for future research on IT governance capability assessment using COBIT 2019, and practically by offering recommendations to enhance IT governance practices within financial institutions. Furthermore, this study provides example of targeted recommendations for enhancing IT governance in areas requiring improvement, with the aim of supporting the XYZ Institution strategic goals. This study contributes theoretically by providing a reference.References
Dr. A. B. M. Dr. Krishna Mohan Sharma Prof. Nishant Ranjan, and Dr. P. P. Prof. Kshirod Chand, “Advancement of Digital Transformation to Boost Financial Services Industry,†J. Inform. Educ. Res., vol. 3, no. 2, Dec. 2023, doi: 10.52783/jier.v3i2.405.
C. C. Okoye, E. E. Nwankwo, F. O. Usman, N. Z. Mhlongo, O. Odeyemi, and C. U. Ike, “Securing financial data storage: A review of cybersecurity challenges and solutions,†Int. J. Sci. Res. Arch., 2024, doi: 10.30574/ijsra.2024.11.1.0267.
J. Zhang, H. Li, and H. Zhao, “The Impact of Digital Transformation on Organizational Resilience: The Role of Innovation Capability and Agile Response,†Systems, vol. 13, no. 2, p. 75, Jan. 2025, doi: 10.3390/systems13020075.
O. Nepochatenko, P. K. Bechko, N. V. Bondarenko, S. Ptashnyk, and О. Пономаренко, “DIGITALIZATION OF THE MONETARY SYSTEM: INSTITUTIONAL AND REGULATORY ASPECTS,†Collect. Works Um. Natl. Univ. Hortic., vol. 2, pp. 7–16, Jan. 2023, doi: 10.32782/2415-8240-2023-102-2-7-16.
Y. Alansari and A. M. A. Musleh Al-Sartawi, “IT governance and E-banking in GCC listed banks,†Procedia Comput. Sci., vol. 183, pp. 844–848, 2021, doi: 10.1016/j.procs.2021.03.008.
N. Afifah, R. Mulyana, and L. Abdurrahman, “Survey of IT Governance Influence on Digital Transformation and Bank Organization Performance,†SISTEMASI, vol. 11, no. 3, p. 749, Sep. 2022, doi: 10.32520/stmsi.v11i3.2179.
Mr. N. Suresh, Dr T. Varalakshmi, and Mohd Shoaib Chand, “IT Governance Framework Ensuring Effective Management and Compliance,†Int. Res. J. Adv. Eng. Manag. IRJAEM, vol. 2, no. 05, pp. 1627–1632, May 2024, doi: 10.47392/IRJAEM.2024.0227.
A. Ghallab et al., “Assessment of IT Governance Maturity Level for Yemeni Telecom Sector Using COBIT 2019 Framewor006B,†in 2024 1st International Conference on Emerging Technologies for Dependable Internet of Things (ICETI), Nov. 2024, pp. 1–7. doi: 10.1109/ICETI63946.2024.10777209.
M. H. Karataş and H. Çakir, “A Systematic Literature Review on IT Governance Mechanisms and Frameworks,†J. Learn. Teach. Digit. Age, vol. 9, no. 1, pp. 88–101, Jan. 2024, doi: 10.53850/joltida.1300262.
P. Weill and J. Ross, IT Governance: How Top Performers Manage IT Decision Rights for Superior Results. 2004.
ISACA, COBIT 2019 Framework: Introduction and Methodology. ISACA, 2018. [Online]. Available: https://books.google.co.id/books?id=PmmDuQEACAAJ
W. Febriyani, F. R. Hendrawan, and T. F. Kusumasari, “Advancing Towards IT Maturity Governance Excellence: COBIT 2019 in Higher Education (Indonesia),†in 2023 Eighth International Conference on Informatics and Computing (ICIC), 2023, pp. 1–6. doi: 10.1109/ICIC60109.2023.10382082.
ISACA, COBIT 2019 Framework: Governance and Management Objectives. ISACA, 2018. [Online]. Available: https://books.google.co.id/books?id=n011uQEACAAJ
M. Anjelina and Wella, “Information Technology Capability Using COBIT 2019 Framework (Case Study: PT. Emobile Indonesia),†in 2023 7th International Conference on New Media Studies (CONMEDIA), Dec. 2023, pp. 56–61. doi: 10.1109/CONMEDIA60526.2023.10428645.
V. S. Kasma, S. Sutikno, and K. Surendro, “Design of e-Government Security Governance System Using COBIT 2019 : (Trial Implementation in Badan XYZ),†in 2019 International Conference on ICT for Smart Society (ICISS), Bandung, Indonesia: IEEE, Nov. 2019, pp. 1–6. doi: 10.1109/ICISS48059.2019.8969808.
A. Ishlahuddin, P. W. Handayani, K. Hammi, and F. Azzahro, “Analysing IT Governance Maturity Level using COBIT 2019 Framework: A Case Study of Small Size Higher Education Institute (XYZ-edu),†in 2020 3rd International Conference on Computer and Informatics Engineering (IC2IE), Sep. 2020, pp. 236–241. doi: 10.1109/IC2IE50715.2020.9274599.
P. Widharto, Z. Suhatman, and R. F. Aji, “Measurement of information technology governance capability level: a case study of PT Bank BBS,†Telkomnika Telecommun. Comput. Electron. Control, vol. 20, no. 2, pp. 296–306, 2022, doi: 10.12928/TELKOMNIKA.v20i2.21668.
A. Taufik Budiman and P. Wuri Handayani, “Maturity Evaluation and Improvement Recommendation of Information Technology Governance with the Control Objective of Information and Related Technology 2019 Framework: A Case Study of Tax Court Secretariat,†in 2022 International Conference on Advanced Computer Science and Information Systems (ICACSIS), Oct. 2022, pp. 161–166. doi: 10.1109/ICACSIS56558.2022.9923448.
J. A. Maxwell, “Integration in Mixed Methods Research,†Routledge eBooks, 2022, pp. 86–93. doi: 10.4324/9780429432828-8.
E. Bell, A. Bryman, and B. Harley, “Mixed Methods Research: Combining Quantitative and Qualitative Research,†Oxford University Press, 2022. doi: 10.1093/hebz/9780198869443.003.0040.
N. Irzavika and F. R. Mahda, “Capability Level of SPBE Application and Infrastructure Audit Tools Using COBIT 2019,†in 2024 International Conference on Informatics, Multimedia, Cyber and Information System (ICIMCIS), Jakarta, Indonesia: IEEE, Nov. 2024, pp. 692–696. doi: 10.1109/ICIMCIS63449.2024.10957022.