(IJCST-V11I3P20) :helmi Mulyadi, Fajar Masya
(IJCST-V11I3P20) :helmi Mulyadi, Fajar Masya
(IJCST-V11I3P20) :helmi Mulyadi, Fajar Masya
6. Process Name: APO12.03 Maintain risk profile 7. Process Name: APO12.04 Articulating Risk
Findings: Findings:
Maintaining a risk profile in Jakarta Smart City has Articulating risk in Jakarta Smart City has reached a
reached a level of capability at level 3, with an level of capability at level 3, with an average value of
average value of 2.95. Even so, there are still 2.96. Even so, there are still activities that are not
activities that are not optimal because currently there optimal because there is currently no operational
are no planning, monitoring, and adjustments to process to review the results of objective third-party
inventory business processes and document assessments by reviewing external audits and quality
information technology service management assurance, which will be included in the risk profile,
processes and information technology infrastructure as well as reviewing identified gaps and loss exposure
resources, as well as the process of identifying related to information technology. to determine the
support personnel, applications, infrastructure, need for additional risk analysis..
facilities, important manual records, vendors, gaps:
suppliers, and outsourcing. Besides, planning, a. There is no scheduled process to evaluate the
monitoring, and adjustments to aggregate current risk results of independent third-party
scenarios based on categories, business lines, and assessments repeatedly. This can result in a
functional areas are also not available. lack of understanding of the risks associated
gaps: with the T services and infrastructure used in
a. There's no complete and up-to-date Jakarta Smart City.
inventory of related resources, capabilities, b. A thorough analysis of T-related loss
and control activities related to risk exposure and gaps has not yet been
management.. conducted to determine the need for
additional risk analysis. As a result, there
REFERENCES
[1] Van Grembergen, W., De Haes, S., Guldentops,
E. (2004), Structures, Processes and Relational
Mechanisms for IT Governance, in Strategic for
Information Technology Governance, Van
Grembergen, W., Editor Idea Group Inc.
[2] Regulation of the Governor of the Special Capital
Region of Jakarta Province number 144 of 2019
concerning the Organization and Work Procedure
of the Communication, Informatics and Statistics
Services.
[3] ISACA. (2019). COBIT 2019 Implementation
Guide - Implementing and Optimizing an
Information and Technology Governance Solution.
ISACA.
[4] ISACA. (2016). COBIT 2019 Framework :
Introduction & Methodology.
[5] ISACA. (2019). COBIT 2019 Framework -
Governance and Management Objective.
Schaumburg: ISACA
[6] Decree of the Regional Secretary of the Special
Capital Region of Jakarta Province Number 22 of
2020 concerning Guidelines for Follow-Up
Handling of Public Complaints Through the
Citizen Relations Management Application.
[7] D. Darmawan and A. Wijaya, "Analysis and
Design of Information Technology Governance
Using the 2019 COBIT Framework at PT. XYZ",
Journal of Computer and Information Systems
Ampera, vol. 3, no. 1, pp. 1- 17, 2022