Analisis Manajemen Risiko TI Berbasis COBIT 2019 Pada Lembaga Amil  Zakat Nasional XYZ

Thata Authar Razaq; Alva Hendi Muhammad

doi:10.37859/jf.v15i1.9093

Authors

Thata Authar Razaq Universitas AMIKOM Yogyakarta
Alva Hendi Muhammad Universitas AMIKOM Yogyakarta

DOI:

https://doi.org/10.37859/jf.v15i1.9093

Keywords: audit, manajemen risiko TI, COBIT 2019, LAZNAS, tata kelola TI

Abstract

Analisis pengelolaan risiko Teknologi Informasi (TI) di Lembaga Amil Zakat Nasional (LAZNAS) XYZ dilakukan dengan menggunakan framework COBIT 2019, khususnya pada domain EDM 03 (Ensure Risk Optimization), APO 12 (Manage Risk), dan APO 13 (Manage Security). Mengingat pentingnya TI dalam mendukung operasional dan pengelolaan dana Zakat, Infak, Sedekah, dan Wakaf (ZISWAF), tujuan utama adalah menilai efektivitas manajemen risiko TI yang diterapkan. Metode yang digunakan adalah pendekatan deskriptif kualitatif melalui studi kasus, dengan pengumpulan data melalui observasi, wawancara, dan kuesioner kepada responden yang terlibat dalam pengelolaan TI. Hasil penelitian menunjukkan bahwa LAZNAS XYZ telah mencapai tingkat kapabilitas yang memadai pada domain EDM 03 (Ensure Risk Optimization), APO 12 (Manage Risk), dan APO 13 (Manage Security), dengan rata-rata level 3. Namun, terdapat kesenjangan pada domain APO 12 dan APO 13, yang memerlukan peningkatan untuk mencapai level 4. Rekomendasi perbaikan meliputi penguatan pemantauan metrik risiko, perluasan cakupan pengumpulan data risiko, serta peningkatan efektivitas kebijakan keamanan melalui audit berkala dan pelatihan staf. Kesimpulan penelitian ini adalah bahwa penerapan COBIT 2019 dapat membantu LAZNAS XYZ meningkatkan tata kelola dan manajemen risiko TI, sehingga mendukung kepercayaan donatur dan kepatuhan terhadap regulasi. Penelitian ini juga membuka peluang pengembangan lebih lanjut, seperti integrasi dengan kerangka kerja lain seperti ISO 27001 atau studi komparatif dengan organisasi filantropi sejenis.

Downloads

Download data is not yet available.

References

W. Setyowati, R. Widayanti, and D. Supriyanti, “Implementation of E-Business Information System in Indonesia: Prospects and Challenges,” International Journal of Cyber and IT Service Management, vol. 1, no. 2, pp. 180-188, Oct. 2021. doi: 10.34306/ijcitsm.v1i2.49.

G. Robertsone and I. Lapiņa, “Digital Transformation as a Catalyst for Sustainability and Open Innovation,” Journal of Open Innovation: Technology, Market, and Complexity, vol. 9, no. 1, p. 100017, Mar. 2023, doi: 10.1016/j.joitmc.2023.100017.

I. Beerepoot et al., “The Biggest Business Process Management Problems to Solve Before We Die,” Computers in Industry, vol. 146, p. 103837, Apr. 2023, doi: 10.1016/j.compind.2022.103837.

A. Pollini, T. C. Callari, A. Tedeschi, D. Ruscio, L. Save, F. Chiarugi, and D. Guerri, “Leveraging Human Factors in Cybersecurity: An Integrated Methodological Approach,” Cognition, Technology and Work, vol. 24, no. 2, pp. 371–390, May 2022, doi: 10.1007/s10111-021-00683-y.

D. Settembre-Blundo, R. González-Sánchez, S. Medina-Salgado, and F. E. García-Muiña, “Flexibility and Resilience in Corporate Decision Making: A New Sustainability-Based Risk Management System in Uncertain Times,” Global Journal of Flexible Systems Management, vol. 22, pp. S107–S132, Dec. 2021, doi: 10.1007/s40171-021-00277-7.

M. Ikhlas Rosele, A. Muneem, N. Naemah Binti Abdul Rahman, and A. Karim Ali, “The Digitalized Zakat Management System in Malaysia and the Way Forward,” Jurnal Hukum dan Pranata Sosial, vol. 17, no. 1, pp. 242–272, 2022, doi: 10.19105/al-Ihkam.v17i1.5365.

ISACA, COBIT® 2019 Framework: Governance and Management Objectives. Rolling Meadows, IL: ISACA, 2018. ISBN 978-1-60420-764-4.

A. Safitri, I. Syafii, and K. Adi, “Measuring the Performance of Information System Governance using Framework COBIT 2019,” International Journal of Computer Applications, vol. 174, no. 31, pp. 23–30, Apr. 2021. doi: 10.5120/ijca2021921253.

H. Berrada, J. Boutahar, and S. El Ghazi El Houssaini, “Simplified IT Risk Management Maturity Audit System Based on COBIT 5 for Risk.” International Journal of Advanced Computer Science and Applications, vol. 12, no. 8, pp. 641–652, 2021. doi: 10.14569/IJACSA.2021.0120875.

R. Setyadi and H. N. Prabowo, “Risk Management Analysis of Bus Transportation Application Using COBIT 4.1,” Jurnal Teknologi dan Sistem Informasi, vol. 7, no. 2, pp. 203–212, Apr. 2021, doi: 10.33330/jurteksi.v7i2.1046.

R. Anugrah, E. Utami, and A. H. Muhammad, “Analisis Manajemen Risiko TI pada Perguruan Tinggi XYZ Berbasis COBIT 2019 dengan Pertimbangan Domain APO12,” Jurnal Ilmiah Universitas Batanghari Jambi, vol. 22, no. 2, pp. 991-995, Jul. 2022, doi: 10.33087/jiubj.v22i2.2175.

E. Enrique and M. I. Fianty, “Enhancing Risk Management in an IT Service Company: A COBIT 2019 Framework Approach,” Jurnal Riset Informatika, vol. 5, no. 4, pp. 499–506, Sep. 2023, doi: 10.34288/jri.v5i4.212.

M. Brian Hardjadinata and J. Wiratama, “Capability Assessment of IT Governance Using the COBIT 2019 Framework for the IT Business Consultant Industry.” International Journal of Science, Technology & Management, vol. 4, no. 4, pp. 1034–1039, Jul. 2023. doi: 10.46729/jjstm.v4i4.902.

A. Harits, G. Muhamad Noer, and A. P. Widodo, “Capability Level Measurement Using COBIT 5: A Case Study of PT Jasa Cendekia Indonesia,” Journal of Information Systems and Informatics, vol. 3, no. 2, pp. 341-351, 2021, doi:10.33557/journalisi.v3i2.134.

H. Mualo and A. N. Rohim, “Analisis Efisiensi dan Efektivitas Pengelolaan Dana ZIS pada LAZNAS Baitulmaal Muamalat,” Islamic Economics and Business Review, vol. 2, no. 1, pp. 11–23, 2023. [Online]. Available: https://ejournal.upnyi.ac.id/edst/n/article/view/5490.

G. Guest, E. Namey, and M. Chen, “A Simple Method to Assess and Report Thematic Saturation in Qualitative Research,” PLOS One, vol. 15, no. 5, p. e0232076, May 2020, doi: 10.1371/journal.pone.0232076.

A. R. Tanaamah, A. F. Wijaya, and S. A. Maylinda, “Tata Kelola Teknologi Informasi pada Sektor Publik: Penyelarasan Teknologi Informasi dengan Visi Kepemimpinan (Studi Kasus: Kota Salatiga dan Kabupaten Bengkayang),” Jurnal Teknologi Informasi dan Ilmu Komputer, vol. 8, no. 6, pp. 1319-1330, Dec. 2021, doi: 10.25126/jtiik.202185379.

F. Ebert, F. Castor, N. Novielli, and A. Serebrenik, “An Exploratory Study on Confusion in Code Reviews,” Empirical Software Engineering, vol. 26, no. 12, pp. 1-48, Jan. 2021, doi: 10.1007/s10664-020-09909-5.

R. Bell and V. Warren, “Illuminating a Methodological Pathway for Doctor of Business Administration Researchers: Utilizing Case Studies and Mixed Methods for Applied Research,” Social Sciences and Humanities Open, vol. 7, no. 1, p. 100391, Jan. 2023, doi: 10.1016/j.ssaho.2022.100391.

E. Barroga and G. J. Matanguihan, “Creating Logical Flow in Scientific Article Writing,” J Korean Med Sci, vol. 36, no. 40, p. e275, Oct. 2021, doi: 10.3346/jkms.2021.36.e275.

N. Aminudin, F. Aprilia, S. B. Wicaksono, A. Z. Salsabila A, and F. Ardhy, “Inovasi Sistem Layanan dan Rujukan Terpadu (SLRT) Bersahaja di Kabupaten Pringsewu: Evaluasi dan Kontribusinya terhadap Pengentasan Kemiskinan” Jurnal Fasilkom, vol. 15, no. 1, pp. 40-48, Apr. 2025, doi: 10.37859/jf.v15i1.8520.

A. Schneider et al., “Primary and Secondary Data in Emergency Medicine Health Services Research: A Comparative Analysis in a Regional Research Network on Multimorbid Patients,” BMC Medical Research Methodology, vol. 23, no. 1, pp. 1-12, Dec. 2023, doi: 10.1186/s12874-023-01855-2.

L. Busetto, W. Wick, and C. Gumbinger, “How to Use and Assess Qualitative Research Methods,” May 27, 2020, Neurological Research and Practice, vol. 2, no. 14, pp. 1–10, 2020. doi: 10.1186/s42466-020-00059-z.

Y. Kamil, S. Lund, and M. S. Islam, “Information Security Objectives and Output Legitimacy of ISO/IEC 27001: Stakeholders' Perspectives in Swedish Private Organizations,” Information Systems and e-Business Management, vol. 2, no. 14, pp. 699–722, 2020, doi: 10.1007/s10257-023-00646-y.

M. Shilenge and A. Telukdarie, “4IR Integration of Information Technology Best Practice Framework in Operational Technology,” Journal of Industrial Engineering and Management, vol. 14, no. 3, pp. 457–476, 2021, doi: 10.3926/jiem.3429.

S. Varga, J. Brynielsson, and U. Franke, “Cyber-Threat Perception and Risk Management in the Swedish Financial Sector,” Comput & Security, vol. 105, p. 102239 Jun. 2021, doi: 10.1016/j.cose.2021.102239.

D. Triyunsari, E. S. Negara, M. I. Herdiansyah, and N. R. Damayanti, “Analisis Tingkat Kesiapan Teknologi Sistem Informasi Perpustakaan SMA Negeri 19 Palembang Menggunakan Framework ITIL V3,” Jurnal Fasilkom, vol. 14, no. 3, pp. 695-704, Dec. 2024, doi: 10.37859/jf.v14i3.8215.

D. P. Siagian, B. Purwandari, and N. W. Trisnawaty, “Enhancing Information Technology Maturity Using COBIT 2019: A Case Study of ABC University,” The Indonesian Journal of Computer Science, vol. 14, no. 1, pp. 434-454, Feb. 2025, doi: 10.33022/ijcs.v14i1.4638.

A. Yusuf, W. A. Saputra, and Jamilah, “Capability Gap Analysis in IT Governance for a Logistics Company Using COBIT 2019,” Journal of Information Systems and Informatics, vol. 6, no. 3, pp. 1804–1821, Sep. 2024, doi: 10.51519/journalisi.v6i3.832.

Analisis Manajemen Risiko TI Berbasis COBIT 2019 Pada Lembaga Amil Zakat Nasional XYZ

Authors

DOI:

Abstract

Downloads

References

Downloads

Published

Issue

Section

License