1 / 25

Tatakelola TIK berdasarkan COBIT

Tatakelola TIK berdasarkan COBIT. Agenda. Apakah tatakelola TIK? CobiT Essentials CobiT Framework. What is CobiT?.

justine-roy
Download Presentation

Tatakelola TIK berdasarkan COBIT

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Tatakelola TIK berdasarkan COBIT

  2. Agenda • Apakah tatakelola TIK? • CobiT Essentials • CobiT Framework

  3. What is CobiT? • CobiT (Control Objectives for Information and Related Technology) is globally accepted as being the most comprehensive work for IT governance, organization, as well as IT process and risk management • CobiTmenyediakanpraktek-praktek yang baikuntukmanajemenproses IT in a manageable and logical structure, meeting the multiple needs of enterprise management by bridging the gaps between business risks, technical issues, control needs and performance measurement requirements. • The CobiT mission is to research, develop, publicize and promote an authoritative, up-to-date, international set of generally accepted information technology control objectives for day-to-day use by business managers and auditors.

  4. Apakah tatakelola TIK IT governance is the responsibility of executives and the board of directors, and consists of the leadership, organisational structures and Processes that ensure that the enterprise’s IT sustains and extends the organisation’s strategies and objectives.(cobit 4.0 executive summary) IT governance adalahtanggungjawabeksekutifdandewandireksi, danterdiridarikepemimpinan, strukturorganisasidanProses yang memastikanbahwa IT perusahaanmendukungdanmemperluasstrategidantujuanorganisasi.

  5. Apakah COBIT? • Control Objective for information and related technologies • Standar tatakelola teknologi informasi yang dikeluarkan oleh ISACAwww.isaca.org

  6. KomponenCobiT • Executive Summary • Menjelaskan konsep kunci dan prinsip prinsip utama . • Management Guidelines • Untuk memastikan perusahana berhasil mencapai tujuan maka perusahaan perlu mengelola secara efektif keterkaitan antara proses bisnis dan sistem informasi. Bagian ini tersusun atas model kematangan, CSF, KGI dan KPI • Framework • Frame work menjelaskan 34 tujuan pengendalian tingkat tinggi yang tersusun atas 4 domain. Setiap framework juga mengidentifikasikan 7 kriteria informasi dan sumberdaya TIK yang memiliki dampak terhadap pengendalian tingkat tinggi

  7. Komponen CobiT • Control Objectives • Bagianinimenyediakanberbagaiaspek yang perludigambarkanuntukmenyusunkebijakandanprkatek yang baikbagipengendalian TIK. • Audit Guidelines • Merupakanpanduancarapenerapan audit • Implementation Toolset • Alat yang disediakanuntukmelakukanbeberapa benchmarking dari COBIT

  8. CobiT Components

  9. Tujuan Pokok COBIT

  10. CobiT Framework

  11. Kriteria informasi EFFECTIVENESS AVAILABILITY Informasi tersedia ketika dibutuhkan Informasi relevan dengan proses bisnis meliputi tepat waktu, benar, bermanfaat EFFICIENCY COMPLIANCE Terkait dengan pemanfaatan sumberdaya secara optimal Berkaitan dengan ketetapan hukum, dan persetujuan kontrak . CONFIDENTIALITY RELIABILITY OF INFORMATION Relates to the provision of appropriate information for the workforce of the organization kerahasiaan Berkaitan dengan keakuratan dan kelengkapan informasi INTEGRITY

  12. Sumberdaya • Organizations - People : keterampilan staff, awareness and produktivitasuntukmerencanakan, mengorganisasikan, mencari, menyediakan, mendukung and me-monitor sisteminformasidanlayanannya. • SistemAplikasi : pemahamanterhadapsiteminformasi manual dan yang otomatis(berbasiskomputer). • teknologi: meliputiperangkatkeras, sistemoperasi, sistemmanajemen basis data,jaringan, multimedia dll. • Fasilitas: Sumberdayauntukmelindungifasilitasdanteknologi yang tersedia(ruangandll). • Data : obyek data, berisfatteks, suara, gambardll.

  13. Domain COBIT • Planning and Organization • Domain inimeliputitaktikdanstrategidanmemfokuskanpadacara TI dapatmemberikankontribusi yang optimal bagitujuanbisnis • Acquisition and Implementation • Untukmerealisasikanstrategi TIK, solusi TI harusdiidentifikasi, dikembangkanditerapkandandiintergrasikanterhadapprosesbisnis

  14. The Four CobiT Domains • Delivery and Support • Domain inifokuspadapenyediaanlayanan yang dibutuhkan yang meliputi level operasional, keamanansertaaspekpelatihan • Monitoring • Semuaproses TIK perludiaksessetiapwaktuuntukdimonitorkualitasnya.

  15. Planning and Organization PO1 - Define a strategic IT plan PO2 - Define the information architecture PO3 - Determine the technological direction PO4 - Define the IT organization and relationships PO5 - Manage the investment PO6 - Communicate management aims and directions PO7 - Manage human resources PO8 - Ensure compliance with external requirements PO9 - Assess risks PO10 - Manage project PO11 - Manage quality Acquisition and Implementation AI1 - Identify solutions AI2 - Acquire and maintain application software AI3 - Acquire and maintain technology architecture AI4 - Develop and maintain IT procedures AI5 - Install and accredit systems AI6 - Manage changes CobiT IT Processes

  16. Delivery and Support DS1 - Define Service Levels DS2 - Manage third-party services DS3 - Manage performance and capacity DS4 - Ensure continuous service DS5 - Ensure system security DS6 - Identify and attribute costs DS7 - Educate and train users DS8 - Assist and advise IT customers DS9 - Manage the configuration DS10 - Manage problems and incidents DS11 - Manage data DS12 - Manage facilities DS13 - Manage operations Monitoring M1 - Monitor the processes M2 - Assess the internal control adequacy M3 - Obtain independent assurance M4 - Provide for independent audit CobiT IT Processes

  17. KPI • Key Performance Indicators (KPI) • KPI’s are a measure of “how well” the process is performing. • KPI adalahukuransejauhmanaprosesberjalan • KPI dapatdigunakanuntukmemprediksikeberhasilanataukegagalan • Fokuspadaprosesdandimensipembelajaranpada balance scorecard • Diwujudkandalamterminologi yang terukur • Dapatdigunakanuntukmembantumemperbaikiproses TI

  18. Key Performance Indicators dalam proses TIK yang umum • System downtime • Throughput and response times • Amount of errors and rework • Number of staff trained in new technology and customer service skills • Benchmark comparisons • Number of non-compliance reportings • Reduction in development and processing time

  19. Financial • # of IT customers • Cost per IT customer • Cost-efficiency of IT processes up • Delivery of IT value per employee Contoh ukuran kinerja (BSC) Process Customer • Level of service delivery up • Satisfaction of existing customers • # of new customers reached • # of new service delivery channels • Availability of systems & services • Developments on schedule & budget • Throughput & response times • Amount of errors and rework Information Learning • Staff productivity & morale • # of staff trained in new techno/services • Value delivery per employee up • Increased availability knowledge systems

  20. Deskripsi proses Kriteria Informasi effectiveness efficiency availability compliance reliability integrity confidentiality P P Sumberdaya S S Maturity Model • KGI’s 0 - Management processes are not applied at all 1 - Processes are ad hoc and disorganised 2 - Processes follow a regular pattern 3 - Processes are documented and communicated 4 - Processes are monitored and measured 5 - Best practices are followed and automated • KPI’s   people applications facilities data technology Critical Success Factors

  21. CSF • Merupakan hal paling penting yang perlu dilakukan untuk mencapai tujuan • Dapat dicari-dapat diukur- merupakan karakteristik dari organsiasi dan proses bisnis • Dapat bersifat strategis, teknologis, organisasional atau bersifat prosedural • Fokus pada pencarian, pemeliharaan dan perluasan kemampuan, keterampilan dan perilaku • Dinyatakan dalam terminologi proses.

  22. Critical Success Factors dalamproses TIK yang umum • Kinerja TIK diukurdalamterminologikeuangan, sebagaikepuasankonsumen, efektiftasdankapasitasmasadepan; Reward berdasarkanpadaukurankinerjaini. • Prosesselarasdenganstrategi TIK dandengantujuanbisnis.

  23. Process Description Information Criteria effectiveness efficiency availability compliance reliability integrity confidentiality P P Resources S S Maturity Model • KGI’s 0 - Management processes are not applied at all 1 - Processes are ad hoc and disorganised 2 - Processes follow a regular pattern 3 - Processes are documented and communicated 4 - Processes are monitored and measured 5 - Best practices are followed and automated • Critical Success Factors • CSF • KPI’s   people applications facilities data technology Maturity Model

  24. Kesimpulan • Anda telah belajar tentang tatakelola TIK berdasarkan framework COBIT

More Related