Audit Domain Acquire And Implement dengan Cobit 4.1 pada PT Erajaya Swasembada Tbk
Keywords:audit, technology, information, COBIT 4.1, maturity model
AbstractThe main priority aspect of information and communication technologies is given to control mechanisms, both internal and external in enterprises. It ensures that the reports and the decisions received and generated by the management will support their decision-making. The decisions have honesty and high integrity based on the results of the audit conducted on systems of information and communication technology. The objective of this research is to deliver audit reports of information systems for management and make recommendations on the audit findings in PT Erajaya Swasembada Tbk. Business processes studied included sales, purchasing, finance, and the warehouse. The system used was "Erajaya Live Application Server" and ERP (Enterprise Resource Planning)-based. This research used thedomain of COBIT 4.1: Acquire and Implement. The domain included several sub-domains, which were:identify automated solutions (AI1), acquire and maintain application software (AI2), acquire and maintain technology infrastructure (AI3), enable operation and use (AI4), procure IT resources (AI5), manage changes (AI6), and install and accredit solutions and changes (AI7). Data were collected from interviewing IT Department, distributing questionnaires to respondents, and observing the business processes of this enterprise. Research obtained 57 audit findings on IT implementation. The results of process reference model formulation are 3 findings on AI1subdomain, 5 findings on AI2subdomain, 9 findings on AI3subdomain, 6 findings on AI4 subdomain, 11 findings on AI5subdomain, 13 findings pada AI6subdomain, and 10 findings on AI7subdomain. The level of maturity model of this domain, Acquire and Implement (AI), was found on level 3.
Arens, A. A., Elder, R. J., & Beasley, M. S. (2005). Auditing and Assurance Services: An Integrated Approach. Edisi 10. New Jersey: Prentice Hall.
Cangemi, P. M. & Singleton, T. (2003). Managing The Audit Function. Edisi 3. New Jersey: John Willey & Sons.
Cascarino, R. (2012). Auditor’s Guide to IT Auditing. New Jersey: John Wiley & Sons.
Gondodiyoto, S. (2007). Audit Sistem Informasi: Pendekatan COBIT. Edisi Revisi. Jakarta: Mitra Wacana Media.
Hall, J. A. (2011). Information Technology Auditing and Assurance. United States: ACL Services.
Hunton, J. E., Bryant, S. M. & Bagranoff, N. A. (2004). Core Concepts of Information Technology Auditing. International Edition. New Jersey: John Wiley and Sons.
ISACA. (2007). COBIT 4.1. USA: IT Governance Institute.
Lee, W. W. (2014). Why computer ethics matters to computer auditing. Journal of ISACA, 2. Diakses dari http://iethicssoc.org/articles/Why-Computer-Ethics-Matters-to-Computer Auditing_joa_Eng_0314.pdf
McLeod, R. Jr. (2001). Sistem Informasi Manajemen. Alih bahasa: H. Teguh. Jilid 1, Edisi Bahasa Indonesia. Jakarta: Prenhallindo.
Messier, W. F., Glover, S. M., & Prawitt, D. F. (2006). Auditing & Assurance Services: A Systematic Approach. Buku 1, Edisi 4. Jakarta: Salemba Empat.
Singleton, T. W. (2011). IT risks—present and future. Journal of ISACA, 4. Diakses dari http://www.isaca.org/journal/past-issues/2011/volume-4/pages/it-risks-present-and-future.aspx.
Authors who publish with this journal agree to the following terms:
a. Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License - Share Alike that allows others to share the work with an acknowledgment of the work's authorship and initial publication in this journal.
b. Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgment of its initial publication in this journal.
c. Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work.
All articles published Open Access will be immediately and permanently free for everyone to read and download. We are continuously working with our author communities to select the best choice of license options, currently being defined for this journal as follows: