Page 64 - Sistem Informasi dan Pengendalian

Page 64 - Sistem Informasi dan Pengendalian - Ikatan Akuntan Indonesia

P. 64

SISTEM INFORMASI
DAN PENGENDALIAN INTERNAL BAB 4: SISTEM INFORMASI DAN PENGENDALIAN INTERNAL

Processes for Governance of Enterprise IT
Evaluate, Direct, and Monitor

EDM01 Ensured EDM04 Ensured EDM05 Ensured
Governance EDM02 Ensured EDM03 Ensured
Resources
Framework Setting Benefits Delivery Risk Oftimization Oftimization Stakeholdfer
Engagement
and Maintanance
Align, Plan, and Organize Monitor,
Evaluaste
APO01 Managed APO03 Managed and Assess
APO06 Managed
APO07 Managed
the IT Management APO02 Managed Enterprice APO04 Managed APO05 Managed Budget and Costs Human Resources
Innovation
Portofolio
Strategy
Fremawork Architecture MEA01 Managed
Ferformance and
Conformance
APO08 Managed APO09 Managed APO10 Managed APO11 Managed APO12 Managed APO12 Managed APO12 Managed Monitoring
Relationships Services Vendors Quality Risk Security Dota
IAI WEB VERSION
Agreements
Build, Acquire, and Implement MEA02 Managed
System of Internal
BAI03 Managed BAI07 Managed
BAI01 Managed BAI02 Managed Solutuions BAI04 Managed BAI05 Managed BAI06 Managed IT Chage Control
Programs Requirements Identification Availability and Organizational IT Changes Acceptance and
Definition Capacity Change
and Build Transitioning
MEA03 Managed
BAI08 Managed BAI09 Managed BAI10 Managed BAI10 Managed Compliance
Knowledge Assets Configuration Configuration with External
Requirements
Deliver, Service, and Support
DSS01 Managed DSS02 Managed DSS03 Managed DSS04 Managed DSS05 Managed DSS05 Managed
Operation Service Requests Problem Comunity Securitt Business MEA04 Managed
and incident services Process Controls Assurance

Processes for Management of Enterprise IT

(Romney, Marshall, B. and Paul J. Steinbart. 2024)

• COBIT menjadi panduan komprehensif:
COBIT mencakup seluruh siklus hidup tata kelola TI: mulai dari perencanaan, pengadaan,
implementasi, pengoperasian, pemantauan, hingga evaluasi sistem dan proses TI. Termasuk
tujuan pengendalian, indikator kinerja, struktur organisasi, serta peran dan tanggung jawab.
• Mengelola dan Mengendalikan TI:
• COBIT membedakan antara manajemen TI (day-to-day) dan tata kelola TI (strategis).
• Dalam tata kelola: fokusnya pada penetapan arah, pemantauan kinerja, dan
pengendalian risiko.
• Dalam manajemen: fokusnya pada pelaksanaan, pencapaian target operasional, dan
efisiensi proses TI.
• Efektif dan Efisien:
• Efektif: TI harus berkontribusi langsung terhadap tujuan bisnis (misalnya peningkatan
layanan pelanggan, pengambilan keputusan berbasis data, dll).
• Efisien: TI harus menggunakan sumber daya secara optimal (anggaran, SDM, waktu),
dan menghindari pemborosan (redundansi sistem, duplikasi aplikasi, dll).
• Selaras dengan Tujuan Bisnis (Business-IT Alignment):
• COBIT mendorong agar TI tidak berdiri sendiri, melainkan mendukung dan
memfasilitasi pencapaian strategi dan nilai bisnis.
• Misalnya: jika tujuan bisnis adalah ekspansi global, maka TI harus mendukung sistem
multibahasa, integrasi lintas negara, dan analitik global.

54 Hak Cipta 2025 IKATAN AKUNTAN INDONESIA – Dilarang memfoto-kopi atau memperbanyak Hak Cipta 2025 IKATAN AKUNTAN INDONESIA – Dilarang memfoto-kopi atau memperbanyak 55

59 60 61 62 63 64 65 66 67 68 69