Write and Creation: COBIT (Control Objectives for Information and Related Technology

COBIT yaitu Control Objectives for Information and Related Technology yang merupakan audit sistem informasi dan dasar pengendalian yang dibuat oleh Information Systems Audit and Control Association (ISACA), dan Information Technology Governance Institute (ITGI) pada tahun 1992, untuk memberikan informasi yangdiperlukan perusahaan dalam mencapai tujuannya, maka prinsip dasar COBIT menjelaskan (Simonsson & Johnson, 2006):

1. Business information requirements, terdiri dari: Effectiveness, Efficiency, Integrity, Availability, and Reliability of information.

2. High-Level IT Processes, terdiri dari: IT Domains (Planning and Organisation, Acquisition & Implementation, Delivery & Support, Monitoring and Evaluation); IT Process (IT strategy, Computer operations, Incident handling, Acceptance testing, Change management, Contingency planning, Problem management); Activities (Record new problem, Analyse, Propose solution, Monitor solution, Record known problem.)

3. Information Technology Resource: Expert staff, Applications, Technology, Facilities, Database Management System, Hardware, Software, Multimedia.

COBIT memiliki cakupan yang sangat luas dan belum tentu semua organisasi memiliki atau mencakup keseluruhan proses-proses tersebut. (Kania, 2011) menjelaskan setiap perusahaan memiliki ragam dan jangkauan pemanfaatan terhadap teknologi informasi dan tidak semua langkah dalam COBIT dapatditerapkan, hanya pada bagian tertentu yang dengan sesuai kebutuhan Perusahaan. Selaras dengan apa yang telah dijelaskan (ITGI, 2007) Standar ini tidak menuntutpenerapan pada setiap komponen tapi dapat memilih pada bagian-bagian yang terkaitsaja.

Perbandingan model COBIT dengan Model lain seperti ditunjukan padatabel 2.1 dibawah ini (Mapping, 2011).

Tabel 2.1 Tabel cakupan COBIT 4.1 dalam domain PO dan ME disbanding model lain

Tabel 2.2 Tabel cakupan Domain COBIT 4.1 dibandingkam dengan Luftman

Framework (sumber: Luftman, 2004 & Simonsson, 2008)

*Domain*	*COBIT 4.1*	*LUFTMAN*
PO1	Define a strategic IT plan.	LG1. Business strategic planning
PO2	Define the information architecture.	LSA1. Traditional, Enabler/Driver, External LSA2. Standards ArticulationLSA3. Architectural Integration: Functional   Organization, Enterprise, nter-enterprise
PO3	Determine technological direction.	LSA2. Standards Articulation LSA5. Agility, Flexibility LC6. Liaison(s)
PO4	Define the IT processes, organisation and relationships.	LS2. Cultural locus of Power LS3. Management Style LS4. Change Readiness LP4. IT Program Management LG6. Steering Committee(s) LC5. Knowledge Sharing
PO5	Manage the IT investment.	LP1. Business Perception of IT Value LG6. Steering Committee(s) LG5. IT Investment Management
PO6	Communicate management aims and direction.	LC1. Understanding of Business by IT LC2. Understanding of IT by Business LC3. Inter/Intra- organizational   Learning/Education LC4. Protocol Rigidity LC5. Knowledge Sharing
PO7	Manage IT human resources.	LS2. Cultural locus of Power LS4. Change Readiness LS6. Education, Cross-Training
PO8	Manage quality.	LM7. Continuous Improvement
PO9	Assess and manage IT risks.	LG5. IT Investment Management LP3. Shared Goals, Risk,Rewards/Penalties LP4. IT Program Management

PO10	Manage projects.	LS7. Social, Political, Trusting Interpersonal Environment LP3. Shared Goals, Risk, Rewards/Penalties LG7. Prioritization Process
ME1	Monitor and evaluate IT performance	LS7. Social, Political, Trusting Interpersonal Environment LP3. Shared Goals, Risk, Rewards/Penalties LG7. Prioritization Process
ME2	Monitor and evaluate internal control	LM7. Continuous Improvement LP1. Business Perception of IT Value
ME3	Ensure compliance with external requirements	LM3. Service Level LG3. Reporting/Organization   Structure
ME4	Provide IT governance	LC1. Understanding of Business by IT LC2. Understanding of IT by Business

Tabel 2.3 Tabel cakupan Domain COBIT 4.1dibandingkan dengan pwC Framework

(sumber: PricewaterhouseCoopers, 2003)

*Domain*	*Descripts (Plan and Organise)*	*pwC Focused*
PO1	Define a strategic IT plan.	pwC1. Define stakeholder expectations pwC2. Articulate theMission pwC3. Develop a Formal Strategic plan
PO2	Define the information architecture.	pwC1. Define stakeholder expectations
PO3	Determine technological direction.	pwC1. Define stakeholder expectations
PO4	Define the IT processes, organisation and relationships.	pwC1. Define stakeholder expectations
PO5	Manage the IT investment.	pwC5. Establish current and multiyear Budgets

PO6	Communicate management aims and direction.	pwC2. Articulate the Mission
PO7	Manage IT human resources.	pwC7. Assess Needed Skill Sets
PO8	Manage quality.	pwC8. Develop or acquire enabling infrastructure, methodology and technology
PO9	Assess and manage IT risks.	pwC4. Assess Risk and Develop the audit plan
PO10	Manage projects.	pwC1. Define stakeholder expectations
*Domain*	*Descripts (Monitor and Evaluate)*
ME1	Monitor and evaluate IT performance	pwC8. Develop or acquire enabling infrastructure, methodology and technology
ME2	Monitor and evaluate internal control	pwC8. Develop or acquire enabling infrastructure, methodology and technology
ME3	Ensure compliance with external requirements	pwC8. Develop or acquire enabling infrastructure, methodology and technology
ME4	Provide IT governance	pwC3. Develop a Formal Strategic plan

Selain itu menurut (Ridley et al. 2006) COBIT adalah kerangka kontrol yang paling tepat untuk membantu organisasi memastikan keselarasan antarapenggunaan Teknologi Informasi dan tujuan bisnis. Dapat di simpulkan bahwa dari keseluruah teknologi informasi Frameworkyang paling sering digunakan dan mencakup keseluruhan tata kelola teknologi informasi adalah COBIT karena COBIT Framework bergerak sebagai integrator dari praktik IT governance dan juga yang dipertimbangkan kepada petinggi manajemen atau manager; manajemen teknologi informasi dan bisnis; para ahli governance, asuransi dan keamanan; dan juga para ahli auditor teknologi informasi dan kontrol. COBIT Framework dibentuk agar dapat berjalan berdampingan dengan standar danbest practices yang lainnya (Setiawan, 2010)

Fokus Proses COBIT digambarkan oleh model proses yang membagi teknologi informasi menjadi empat domain dan 34 proses sesuai dengan bidang yang bertanggung jawab terhadap perencanaan, membangun, menjalankan dan memonitor implementasi teknologi informasi, dan juga memberikan pandangan end-to-endteknologi informasi. Gambar dibawah ini menunjukan proses dari COBIT: