Pemanfaatan COBIT 2019 Information Security Dalam Merancang Manajemen Keamanan Informasi Pada Transformasi BankCo
Abstract
Consumer behavior changes, the rapid digital innovation pace among competitors, and regulatory directives have compelled incumbent companies to accelerate digital transformation (DT) efforts. Previous research has successfully identified the influence of information technology governance (ITG) on organizational performance (OP), fully mediated by DT. However, a deeper understanding of the design of information security management mechanisms to guide the DT journey is still necessary. This study employs the Design Science Research (DSR) approach, based on the latest ISACA framework, COBIT 2019 Information Security Focus Area. A case study is conducted at BankCo, with data collection through interviews and document triangulation. Solution design and implementation roadmaps are based on gaps identified from the assessment of the three BankCo priorities: DSS05 Managed Security Services, APO13 Managed Security, and BAI06 Managed IT Changes. This research contributes to the knowledge base of information security management in DT and is particularly practical for guiding BankCo's DT journey, as well as benefiting the broader industry.
Keywords: Digital Transformation; IT Governance and Management; COBIT 2019 Information Security; Design Science Research; Bank.
Abstrak
Perubahan perilaku konsumen, kecepatan inovasi digital kompetitor, dan arahan regulasi telah memaksa perusahaan incumbent untuk percepatan transformasi digital (TD). Penelitian sebelumnya berhasil mengidentifikasi pengaruh tata kelola TI (TKTI) terhadap kinerja organisasi (KO), dimediasi penuh oleh TD. Namun masih diperlukan pendalaman mengenai rancangan mekanisme pengelolaan keamanan informasi untuk mengawal perjalanan TD. Penelitian ini menggunakan pendekatan Design Science Research (DSR) berbasis kerangka kerja terkini dari ISACA yaitu COBIT 2019 Information Security Focus Area. Studi kasus dilakukan di BankCo, dengan pengumpulan data melalui wawancara dan triangulasi dokumen. Perancangan solusi dan roadmap implementasi dilakukan berdasarkan kesenjangan yang didapatkan dari hasil penilaian tujuh komponen pada ketiga prioritas BankCo yaitu DSS05 Managed Security Services, APO13 Managed Security, dan BAI06 Managed IT Changes. Penelitian ini berkontribusi terhadap basis pengetahuan mengenai pengelolaan keamanan informasi pada DT, serta secara praktis khususnya bermanfaat bagi BankCo untuk mengawal perjalanan TD-nya, dan umumnya bagi industri terkait.
Keywords
References
R. Mulyana, L. Rusu, and E. Perjons, “IT Governance Mechanisms Influence on Digital Transformation: A Systematic Literature Review,” Americas’ Conference on Information Systems (AMCIS), Virtual, 2021, pp. 1-10., 2021.
C. Gong and V. Ribiere, “Developing a unified definition of digital transformation,” Technovation, vol. 102, p. 102217, Apr. 2021, doi: 10.1016/j.technovation.2020.102217.
R. Mulyana, L. Rusu, and E. Perjons, “IT Governance Mechanisms that Influence Digital Transformation: A Delphi Study in Indonesian Banking and Insurance Industry,” Pacific Asia Conference on Information Systems (PACIS), AI-IS-ASIA (Artificial Intelligence, Information Systems, in Pacific Asia), Virtual Conference, July 5-9, 2022. Association for Information Systems (AIS), 2022.
S. De Haes, L. Caluwe, T. Huygh, and A. Joshi, Governing Digital Transformation: Guidance for Corporate Board Members. in Management for Professionals. Cham: Springer International Publishing, 2020. doi: 10.1007/978-3-030-30267-2.
Otoritas Jasa Keuangan Republik Indonesia, “Peraturan Otoritas Jasa Keuangan Republik Indonesianomor 11 /POJK.03/2022 Tentang Penyelenggaraan Teknologi Informasi Oleh Bank Umum.” 2016.
Otoritas Jasa Keuangan, “The Indonesian Financial Services Sector Master Plan.” 2020.
Otoritas Jasa Keuangan, “Peraturan Otoritas Jasa Keuangan Republik Indonesia Nomor 11 /POJK.03/2022 Tentang Penyelenggaraan Teknologi Informasi Oleh Bank Umum.” 2022.
Google, Temasek, and Bain, “E-Conomy Sea 2020: At Full Velocity - Resilient and Racing Ahead.” Syria Studies., 2020.
Menteri BUMN, “Peraturan Menteri Badan Usaha Milik Negara (BUMN) Republik Indonesia Nomor Per-2/MBU/03/2023 tentang Pedoman Tata Kelola dan Kegiatan Korporasi Signifikan Badan Usaha Milik Negara.” 2023.
P. M. Dewi, R. Fauzi, and R. Mulyana, “Perancangan Tata Kelola Teknologi Informasi Untuk Transformasi Digital Di Industri Perbankan Menggunakan Framework COBIT 2019 Domain Build, Acquire And Implement: Studi Kasus Bank XYZ.,” eProceedings of Engineering, vol. 8, no. 5, pp. 9672-9683, 2019.
K. S. R. Warner and M. Wäger, “Building dynamic capabilities for digital transformation: An ongoing process of strategic renewal,” Long Range Planning, vol. 52, no. 3, pp. 326–349, Jun. 2019, doi: 10.1016/j.lrp.2018.12.001.
ISACA, COBIT® 2019 Framework: introduction and methodology. Schaumburg, Illinois: ISACA, 2018.
S. Vejseli and A. Rossmann, “The Impact of IT Governance on Firm Performance A Literature Review,” 2017.
N. Afifah, R. Mulyana, and L. Abdurrahman, “Survei Pengaruh Tata Kelola TI terhadap Transformasi Digital dan Kinerja Organisasi Bank,” Jurnal Sistem Informasi, vol. 11, no. 2, pp. 1-13, 2022.
T. Z. Nurafifah, R. Mulyana, and L. Abdurrahman, “Pengujian Model Pengaruh Tata Kelola TI Terhadap Transformasi Digital dan Kinerja Bank A,” josh, vol. 4, no. 1, pp. 73–82, Oct. 2022, doi: 10.47065/josh.v4i1.2257.
F. Luthfia, R. Mulyana, and L. Ramadani, “Analisis Pengaruh Tata Kelola Ti Terhadap Transformasi Digital Dan Kinerja Bank B,” ZONAsi: Jurnal Sistem Informasi, vol. 4, no. 2, pp. 100–116, 2022.
B. Panjaitan, L. Abdurrahman, and R. Mulyana, “Pengembangan Implementasi Sistem Manajemen Keamanan Informasi Berbasis Iso 27001:2013 Menggunakan Kontrol Annex : Studi Kasus Data Center PT. XYZ,” eProceedings of Engineering, vol. 8, no. 2, pp. pp. 2813-2825, 2021.
ISACA, COBIT Focus Area: Information Security Using COBIT 2019. ISACA, 2020.
D. A. Permana, R. Fauzi, and R. Mulyana, “Perancangan Tata Kelola Teknologi Informasi Untuk Transformasi Digital Di Industri Perbankan Menggunakan Framework Cobit 2019 Domain Align, Plan, And Organise : Studi Kasus Di Bank XYZ,” e-Proceeding of Engineering, vol. 8, no. 5, pp. 9672-9683, 2021.
Hevner, March, Park, and Ram, “Design Science in Information Systems Research,” MIS Quarterly, vol. 28, no. 1, p. 75, 2004, doi: 10.2307/25148625.
K. Peffers, T. Tuunanen, M. A. Rothenberger, and S. Chatterjee, “A Design Science Research Methodology for Information Systems Research,” Journal of Management Information Systems, vol. 24, no. 3, pp. 45–77, Dec. 2007, doi: 10.2753/MIS0742-1222240302.
A. K. Shenton, “Strategies for ensuring trustworthiness in qualitative research projects,” EFI, vol. 22, no. 2, pp. 63–75, Jul. 2004, doi: 10.3233/EFI-2004-22201.
R. Mulyana, L. Rusu, and E. Perjons, “How Hybrid IT Governance Mechanisms Influence Digital Transformation and Organizational Performance in the Banking and Insurance Industry of Indonesia,” Information Systems Development (ISD) Conference, Lisbon, 2023, pp. 1-12., 2023.
Gartner, “Gartner Magic Quadrant & Critical Capabilities.” [Online]. Available: https://www.gartner.com/en/research/magic-quadrant
How To Cite This :
Refbacks
- There are currently no refbacks.