Information Technology Governance Analysis Using The COBIT 2019 Framework at XYZ Institution

Abstract

Information technology governance has become an essential part of most companies. The use of information technology is not only limited to companies but also educational institutions. Information technology capabilities must keep pace with the times to help achieve process efficiency. Return on investment in information technology is an important consideration, so an assessment of information technology governance needs to be carried out. This study aims to determine how well information technology at the XYZ institution supports companies in doing their business. The COBIT 2019 framework is used in this research to achieve good information technology governance by showing how information technology can be aligned with the business. The study results show that the BAI03 Managed Solutions Identification and Build, BAI07 Managed IT Changes Acceptance and Transitioning, BAI10 Managed Configuration, DSS01 Managed Operations, and DSS05 Managed Security Services processes were found to be priority processes for XYZ institution. Using the COBIT 2019 design factor toolkit, the DSS01 process has a target capability level of 4, while the BAI03, BAI07, BAI10, and DSS05 processes have a target capability level of 3. Each priority process was found to have a capability level of level 1, resulting in a gap in the capability level between the current capability levels and the target capability level. The BAI10 process has the lowest capability level among the five priority processes with a partially rating of 20%.