COBIT and IT GOVERNANCE

BACKGROUNDDerived from an organization that was founded in 1969 in Carlifonia. This organization is named AIDITORS ELECTRONIC DATA PROCESSING ASSOCIATION (EDPAA). Is the only association for information systems audit process. In 1973 the organization held its first conference and publishes The EDP Auditor (Electronic Data Processing System).Then in 1977 published the first edition of
the Control Objectives, which is a complication of the guidelines, procedures, best practices, and standards EDP called COBIT. COBIT (the last is third edition in 2000), considered as an international set of Generally Accepted IT control objectives for day-to-day use by business managers, users of IT, and IS auditors.In June 1984 officially changed its name to EDPAA ISACA (Information Systems Audit and Control Association), who is now a member and chapter (a branch of professional organizations) in various countries. This is the first time the organization gave birth to COBIT.A. Why use COBIT?Based on the statements of ISACA:"Successful Organizations understand the benefits of information technology (IT) and use this knowledge to drive Their shareholders' value. They Recognize the critical dependence of many business processes on IT, the need to comply with Increasing regulatory compliance demands and the benefits of managing risk Effectively. Organizations to aid in successfully meeting today's business challenges, the IT Governance Institute (ITGI) has published version 4.0 of Control Objectives for Information and related Technology (COBIT). COBIT is an IT governance framework and supporting toolset That allows managers to bridge the gap Between control requirements, technical issues and business risks. COBIT enables clear policy development and good practice for IT control throughout organization. ITGI's latest version - COBIT 4.0 - emphasizes regulatory compliance, helps Organizations to increase of the value Attained from IT, enables alignment and simplifies implementation of the COBIT framework. It does not invalidate work done based on Earlier versions of COBIT but instead can be used to enhance work already done based upon Those Earlier versions. When major activities are planned for IT governance initiatives, or when an overhaul of the enterprise control framework is anticipated, it is recommended to start fresh with COBIT 4.0. COBIT 4.0 presents activities in a more streamlined and practical manner so continuous improvement in IT governance is Easier than ever to Achieve. ""Successful organizations understand the benefits of information technology (IT) and use this knowledge to drive their shareholders' value. They recognize the critical dependence of many business processes on IT, the need to meet the demands of regulatory compliance and risk management benefits of efektif.Untuk assist organizations in meeting the challenges of today's successful business, IT Governance Institute (ITGI) has published version 4.0 is the purpose of controlling information and technology related (COBIT). COBIT is the IT governance framework and supporting toolset that allows managers to bridge the gap between control requirements, technical issues and business risks and COBIT enables clear policy development and good practice for IT control throughout organizations. ITGI latest version - COBIT 4.0 - emphasis on regulatory compliance, helps organizations to improve the value gained from IT, enables alignment and simplifies implementation of the COBIT framework. This does not invalidate work done based on earlier versions of COBIT but can be used to enhance the work already done based upon the previous version. When major activities are planned for IT governance initiatives, or when the company's anticipated overhaul of control framework, it is recommended to start fresh with COBIT 4.0 presents activities 4.0.COBIT in a more efficient and practical so that continuous improvements in IT management easier than ever to achieve.Thus, for an organization to conduct its business in accordance with applicable regulations and standards, then COBIT can help to further improve the technology used by a oragnisasi or company2. COBIT definitiona. Control Objective for Information and related Technology, COBIT abbreviated, is a standard guide information technology management practices. COBIT standards issued by the IT Governance Institute, which is part of the ISACAb. COBIT (Control Objectives for Information and Related Technologies) is an open standard published by the IT Governance Institute and Information Systems Audit and Control Association (ISACA).c. COBIT is an IT governance framework and toolset kelolah supporters as an open standard published by the IT Governance Institute and Information Systems Audit and Control Association (ISACA).3. Goals and COBIT Framework (The COBIT Framework)COBIT was created to provide, cover and easy to understand introduction to the control framework.COBIT framework consists of several directives (guidelines), namely:• Planning and organization (plan and organise)• Procurement and implementation (acquire and implement)• Delivery and support (deliver and support)• Monitoring and evaluation (monitor and evaluate)COBIT framework also includes the following:A. Maturity ModelsTo map the status of maturity of IT processes (scale 0-5) in comparison with "the best in the class in the Industry" as well as International best practices.2. Critical Success Factors (CSFs)Implementation guidance for management is to be able to exercise control over the IT process.3. Key Goal Indicators (KGIs)Is the performance of IT processes with respect to business requirements.4. Key Performance Indicators (KPIs)Is the performance of IT processes with respect to the process goals.4.Manfaat of COBITa. Can help auditors, management and user (user), by helping to close the gap between business requirements, risks, controls, security, through increased security and control over all IT processes.b. COBIT can provide guidance (guidelines) are business oriented, and therefore the business process owners and managers, including auditors and users, is expected to take advantage of this guideline as well as possible.Audit Guidelines: Contains a total of 318 control objectives that are detailed (detailed control objectives) to assist the auditors in providing management assurance and / or suggestions for improvement.Management Guidelines: Contains directives, either in general or specific, about what must be done.Further, the auditor can use the Audit Guidelines as additional material for designing audit procedures. In short, especially COBIT guidelines can be modified easily, according to the industry, the condition of IT in the company or organization, or a particular object in the IT environment.c. COBIT gives you the control with which you can measure the process contained in ISO 17799 and ITIL, and that can be used for process improvement.5.IT GovernanceIs "a framework for leadership, organizational structure and business processes, standards and compliance with these standards, which ensures that the IT organization supports and enables achievement of the strategy and goals." (IT Governance: Pocket Guide).Sub-domains including IT Governance• Business continuity and disaster recovery (business continuity and disaster recovery)• Regulatory compliance (regulation compliance)• Information governance and information security (information governance and information security)• IT Service Management.• Knowledge Management, Including Intellectual Capital (Knowledge Management, including the Intellectual Capital)• Project governance (government project)• Risk management (risk management)IT governance is defined as a structure of relationships and processes that direct and regulate the organization in order to achieve its objectives by providing value-added utilization of information technology while balancing the risk compared with the results provided by information technology and process.IT governance is an integral part of the success of enterprise governance through a pen-ingkatan the effectiveness and efficiency in the processes related companies. IT governance provides the structure that links IT processes, IT resources and information for strategy and corporate objectives. Furthermore combining IT governance good (best) practice of IT planning and organizing, and pengimplemantasian development, delivery and support, and monitoring IT performance to ensure that corporate information and related technology support business objectives. IT governance enables companies to gain full advantage of the information, to maximize the advantages of the opportunities and competitive advantages they have.6. Version of the COBITCOBIT has many versions of the first, up to five versions, only this version can not be used because it earned a new will in 2011. Therefore current version used is version 4.7. Standards are used in addition to COBIT.a. ITIL ®, IT Infrastructure Library ®, or, developed by the UK Office of Government Commerce as a library of best practices for IT service management processes.b. ISO17799, now renumbered to be supported by ISO27002 and ISO 27001, (whether issued by the International Standards Organization in Geneva), is a global best practice standard for information security management within the organization.REFERENCESDrs, Sanyoto Gondodiyoto SE, 2009, the Audit Information System Approach + COBIT, Wancana Media Partners, Jakarta.www.google.comwww.wikipedia.orgwww.isaca.org