Analisis manajemen resiko teknologi informasi pada rumah sakit menggunakan framework Cobit 5.0 domain APO12

Alexander Novaldi; M Raka Nurhabibi; S Charles Selvianto; Sri Andayani

doi:10.24246/itexplore.v5i1.2026.pp11-25

Authors

Alexander Novaldi Fakultas Sains dan Teknologi, Sistem Informasi, Universitas Katolik Musi Charitas
M Raka Nurhabibi Fakultas Sains dan Teknologi, Sistem Informasi, Universitas Katolik Musi Charitas
S Charles Selvianto Fakultas Sains dan Teknologi, Sistem Informasi, Universitas Katolik Musi Charitas
Sri Andayani Fakultas Sains dan Teknologi, Sistem Informasi, Universitas Katolik Musi Charitas https://orcid.org/0009-0000-3296-5550

DOI:

https://doi.org/10.24246/itexplore.v5i1.2026.pp11-25

Keywords:

IT Risk Management, COBIT 5, APO12, Capability Level, Hospital

Abstract

ABSTRACT

The implementation of Information Technology at XYZ Hospital serves as a key driver in enhancing the efficiency of healthcare services, but it also raises the organization’s vulnerability to significant operational risks. The primary risks identified involve inaccurate data resulting from human mistakes, breakdowns in system interoperability, and the deterioration of hardware infrastructure that may interfere with patient care. This research seeks to assess the governance of IT risk management and determine the organization’s capability level using the COBIT 5.0 framework, focusing on the APO12 (Manage Risk) domain. The study employs qualitative methods, gathering information through interviews and direct observations, and then conducts a gap analysis to compare the current state (As-Is) with the desired future state (To-Be). Findings show that the organization’s capability is currently at Level 2 (Managed Process) with a score of 1.87, which is still below the intended maturity level of 3 (Established Process) at 2.94. These results indicate that risk management activities are still largely reactive and rely on intuition, with no standardized procedures embedded within the institution. Ultimately, the study suggests formalizing a Risk Register, standardizing mitigation procedures through established SOPs, and developing a Disaster Recovery Plan to strengthen risk governance into a more systematic, preventive, and resilient framework.

Downloads

Download data is not yet available.

References

M. Y. Ramadhan M, M. I. P. Nasution, And Triase, “Audit Tata Kelola Teknologi Informasi Cobit 5 Manajemen Risiko,” J. Sist. Inf. Kaputama, Vol. 6, No. 1, Pp. 15–23, 2022.

T. Muryanti, M. Pinilih, And D. Oktaviana, “Evaluasi Sistem Informasi Manajemen Rumah Sakit ( Simrs ) Pada Rsia Bunda Arif Purwokerto Menggunakan Framework Cobit 5,” J. Pro Bisnis, Vol. 11, No. 2, Pp. 59–75, 2018.

M. S. Nalenan, Y. Payong, And Sumarlin, “Analisis Tata Kelola Sistem Informasi Manajemen Rumah Sakit Umum Daerah Prof. Dr. W. Z. Johannes Kupang Menggunakan Cobit 5 Framework,” J. Teknol. Inf., Vol. 12, No. 2, Pp. 89–101, 2021.

L. E. Hutagalung, “Risk Management Analysis Of Hospital Management Information System ( Simrs ) In Xyz Hospital Using Iso 31000,” J. Teika, Vol. 12, No. 1, Pp. 23–33, 2022.

N. Made, N. Putri, I. G. Juliana, E. Putra, I. G. Putu, And K. Juliharta, “Analisis Tata Kelola Dan Audit Sistem Informasi Pada Rumah Sakit Umum ‘ Xyz ’ Menggunakan Kerangka Kerja Cobit 5,” J. Ilm. Tek. Inform. Dan Sist. Inf., Vol. 5.

S. Tangprasert, “A Study Of Information Technology Risk Management Of Government And Business Organizations In Thailand Using Coso-Erm Based On The Cobit 5 Framework,” J. Appl. Sci., Vol. 19, No. 1, Pp. 13–24, 2020, Doi: 10.14416/J.Appsci.20.

E. A. Alsaleem And N. M. Husin, “The Impact Of Information Technology Governance Under Cobit-5 Framework On Reducing The Audit Risk The Impact Of Information Technology Governance Under Cobit-5 Framework On Reducing The Audit Risk In Jordanian Companies,” J. Profess. Bus. Rev., Vol. 8, No. 2, Pp. 1–24, 2023.

N. Butarbutar And A. R. Tanaamah, “Analisis Manajemen Risiko Menggunakan Cobit 5 Domain Apo12 ( Studi Kasus : Yayasan Bina Darma ),” J. Inf. Syst. Informatics Vol., Vol. 3, No. 3, Pp. 352–362, 2021.

H. Ani, N. Sari, Y. Rahardja, H. P. Chernovita, And S. Si, “Analisis Manajemen Risiko Ti Pada Diskominfo Salatiga Menggunakan Cobit5 Dengan Domain Apo12,” J. Tek. Inform. Dan Sist. Inf., Vol. 8, No. 4, Pp. 1772–1784, 2021.

M. Kamal And J. Elim, “The Empowerment Of Small Enterprises In Construction Sector For Government Procurement Of Goods And Services: Mandatory Study Of Role And Risk,” Kinerja, Vol. 24, No. 1, Pp. 66–81, 2020.

R. Ardhyka, A. Fidaiyah, dan R. Meiyanti, “Analisis Manajemen Risiko IT Menggunakan COBIT5 Pada Domain APO12,” Jurnal Informasi dan Teknologi (JIDT), vol. 5, no. 2, pp. 30–38, Jun. 2023.

M. A. Wirayudha, N. Novriyanto, T. Darmizal, dan L. Oktavia, “Analisis Manajemen Risiko Teknologi Informasi pada KPU Menggunakan Cobit 5 Domain APO12,” MALCOM: Indonesian Journal of Machine Learning and Computer Science, vol. 4, no. 2, pp. 433–442, Feb. 2024.

Al Fajri, Novriyanto, N. Safaat H, dan M. Affandes, “Analisis Manajemen Risiko TI Menggunakan Framework COBIT 5 Domain APO12 dan EDM03,” KLIK: Kajian Ilmiah Informatika dan Komputer, vol. 4, no. 3, pp. 1524–1533, Des. 2023.

B. Prasetyo, L. Q. Toha, dan W. E. Y. Retnani, “Risk Management using COBIT 5 for Risk: A Case Study on Local Government in Indonesia,” Kinetik: Game Technology, Information System, Computer Network, Computing, Electronics, and Control, vol. 8, no. 1, pp. 11-20, Feb. 2023.

Analisis manajemen resiko teknologi informasi pada rumah sakit menggunakan framework Cobit 5.0 domain APO12

Authors

DOI:

Keywords:

Abstract

Downloads

References

Downloads

Published

How to Cite

Issue

Section

License

Main Menu

Make a Submission

sidebartools

Information

sidebarissn

indexedby

Keywords

Statistic