audit operasional pt.x menggunakan … halaman... · audit operasional menggunakan cobit 5...
TRANSCRIPT
AUDIT OPERASIONAL PT.X MENGGUNAKAN
FRAMEWORK COBIT 5
TUGAS AKHIR
Diajukan Guna Memenuhi Sebagian Persyaratan dalam Rangka Menyelesaikan
Pendidikan Sarjana Strata Satu (S1) Program Studi Teknologi Informasi
I Gede Oka Angga Pramana
NIM : 1204505013
JURUSAN TEKNOLOGI INFORMASI
FAKULTAS TEKNIK
UNIVERSITAS UDAYANA
2016
ii
iii
iv
v
vi
ABSTRAK
Audit operasional menggunakan COBIT 5 merupakan suatu bentuk audit
yang dilakukan auditor untuk mengetahui proses TI yang ada pada perusahaan.
Audit ini dilakukan untuk mengetahui tingkat kapabilitas proses TI yang ada pada
perusahaan apakah proses TI sudah digunakan secara baik dan optimal berdasarkan
COBIT 5 atau belum. Penelitian diawali dengan memetakan tujuan bisnis
perusahaan dengan tujuan bisnis menurut COBIT, dilanjutkan dengan memetakan
dengan tujuan TI dan didapatkan proses TI. Proses TI yang didapat kemudian di
perkecil untuk mendapatkan proses TI yang penting menurut petinggi perusahaan.
Proses TI ini kemudian dilakukan audit menurut framework COBIT untuk
mengetahui capability levelnya. Proses TI yang dilakukan audit sebanyak 3 proses,
dan hasil dari audit adalah proses EDM 01 berada pada level 1 sedangkan harapan
berada pada level 2, proses EDM 02 berada pada level 2 sedangkan harapan berada
pada level 3, dan proses DSS 02 berada pada level 4 sedangkan harapan berada
pada level 3. Penelitian juga membandingkan antara hasil audit(current capability)
dengan harapan petinggi perusahaan (expected capability). Gap didapat apabila
terdapat perbedaan antara current capability dengan expected capability. Saran dan
perbaikan kemudian diberikan terhadap proses yang memiliki gap dengan cara
memberikan beberapa perbaikan agar kedepannya proses diharapkan dapat sesuai
dengan harapan petinggi perusahaan.
Kata kunci : Audit TI, COBIT 5, Capability Level, Proses TI.
vii
ABSTRACT
A performance audit of information technology management is a form of
auditor audits conducted to determine the existing IT processes in the company.
These audits using COBIT 5 framework for determining the capability of existing
IT processes in the company whether IT has been used properly and optimally based
on COBIT 5 or not. The study begins by mapping the company's business objectives
with business objectives by COBIT, followed by mapping of IT goals and IT
processes is obtained. IT processes are obtained and then minimized to obtain
critical IT processes according to company officials. IT process is then conducted
an audit in accordance with the COBIT framework to determine the capability level.
IT processes are audited as much as 3 process, and the results of the audit is the
process of EDM 01 are at level 1, while expectations were at level 2, the EDM
process 02 are at level 2, while expectations were at level 3, and the DSS 02 is at
level 4 while expectations were at level 3. the study also compared the results of
the audit (current capability) with the hope of corporate executives (expected
capability). Gap obtained if there is a difference between the current capability with
the expected capability. Suggestions and improvements are then given to the
process that has a gap by providing some improvements to the process in the future
is expected to be in line with expectations company officials.
Keywords: IT audit, COBIT 5, capability level, IT process.
viii
KATA PENGANTAR
Puji Syukur dipanjatkan kehadapan Ida Sang Hyang Widhi Wasa/Tuhan
Yang Maha Esa karena atas Asung Kerta Wara Nugraha-Nya Tugas Akhir berjudul
“Audit Operasional PT.X Menggunakan Framework COBIT 5” dapat
diselesaikan. Ucapan terimakasih yang sedalam-dalamnya kepada semua pihak
yang telah memberikan bantuan dan bimbingan dalam penyusunan tugas akhir ini,
terutama kepada:
1. Ir. Ngakan Putu Gede Suardana, MT, Ph.D. selaku Dekan Fakultas Teknik
Universitas Udayana.
2. Bapak Dr.Eng. I Putu Agung Bayupati, S.T., M.T. selaku Ketua Jurusan
Teknologi Informasi Fakultas Teknik Universitas Udayana.
3. Bapak Dr.Eng. I Putu Agung Bayupati, S.T., M.T. selaku dosen
pembimbing I dan Bapak I Made Sukarsa, S.T., M.T. selaku dosen
pembimbing II yang telah banyak memberikan bantuan, petunjuk dan
bimbingan dalam menyelesaikan laporan Tugas Akhir.
4. Bapak A. A. Kt Agung Cahyawan Wiranatha, ST.,MT. selaku dosen
pembimbing akademik yang telah memberikan bimbingan selama
menempuh pendidikan di Jurusan Teknologi Informasi Fakultas Teknik
Universitas Udayana.
5. Kedua Orang Tua dan keluarga yang telah memberikan dan motivasi dalam
pembuatan tugas akhir ini.
6. Teman-teman seperjuangan dan segenanp civitas di Jurusan Teknologi
Informasi Universitas Udayana.
Penulis menyadari bahwa tugas akhir ini masih jauh dari sempurna. Akhir
kata penulis memohon maaf jika ada kesalahan dalam penulisan tugas akhir ini.
Denpasar, 27 Juni 2016
I Gede Oka Angga Pramana
ix
x
DAFTAR ISI
PERNYATAAN ........................................................ Error! Bookmark not defined.
LEMBAR PENGESAHAN TUGAS AKHIR ........ Error! Bookmark not defined.
BERITA ACARA TUGAS AKHIR ........................ Error! Bookmark not defined.
KATA PENGANTAR ........................................................................................ viii
ABSTRAK ............................................................................................................ vi
ABSTRACT ......................................................................................................... vii
DAFTAR ISI .......................................................................................................... x
DAFTAR GAMBAR .......................................................................................... xiii
DAFTAR TABEL .............................................................................................. xiv
BAB I ......................................................................... Error! Bookmark not defined.
1.1 Latar Belakang ................................................ Error! Bookmark not defined.
1.2 Rumusan Masalah ........................................... Error! Bookmark not defined.
1.3 Batasan Masalah ............................................. Error! Bookmark not defined.
1.4. Tujuan ............................................................. Error! Bookmark not defined.
1.5 Manfaat ........................................................... Error! Bookmark not defined.
1.6 Sistematika Penulisan ..................................... Error! Bookmark not defined.
BAB II ....................................................................... Error! Bookmark not defined.
2.1 State of The Art ............................................... Error! Bookmark not defined.
2.2 Latar Belakang Perusahaan ............................. Error! Bookmark not defined.
2.2.1 Sejarah PT.X ....................................... Error! Bookmark not defined.
2.2.2 Visi dan Misi Perusahaan .................... Error! Bookmark not defined.
2.2.3 Struktur Perusahaan............................. Error! Bookmark not defined.
2.2.4 Bisnis Proses PT.X .............................. Error! Bookmark not defined.
2.2.5 Bisnis Proses Manajemen Produksi Komunikasi Data PT.X ...... Error!
Bookmark not defined.
2.2.6 Bisnis Proses Aktivasi Komunikasi DataError! Bookmark not
defined.
2.2.7 Bisnis Proses Preventive Maintenance Error! Bookmark not defined.
2.3 Metode Penelitian ........................................... Error! Bookmark not defined.
2.3.1 Metode Penelitian Kuantitatif ............. Error! Bookmark not defined.
2.3.2 Metode Penelitian Kualitatif ............... Error! Bookmark not defined.
2.4 Metode Pengumpulan Data ............................. Error! Bookmark not defined.
xi
2.4.1 Angket (Questionnare) ........................ Error! Bookmark not defined.
2.4.2 Wawancara(Interview) ........................ Error! Bookmark not defined.
2.4.3 Pengamatan (Obervation) ................... Error! Bookmark not defined.
2.4.4 Ujian(Test) ........................................... Error! Bookmark not defined.
2.4.5 Dokumentasi........................................ Error! Bookmark not defined.
2.5 Audit Sistem Informasi ................................... Error! Bookmark not defined.
2.6 Model Framework TI ...................................... Error! Bookmark not defined.
2.6.1 ITIL ..................................................... Error! Bookmark not defined.
2.6.2 COSO .................................................. Error! Bookmark not defined.
2.6.3 ISO ...................................................... Error! Bookmark not defined.
2.6.4 CMMI (Capability Maturity Model Integration)Error! Bookmark
not defined.
2.7 COBIT 5 .......................................................... Error! Bookmark not defined.
2.7.1 Sejarah Perkembangan COBIT ........... Error! Bookmark not defined.
2.7.2 Definisi COBIT 5 ................................ Error! Bookmark not defined.
2.7.3 Lima Prinsip Dalam Cobit 5 ............... Error! Bookmark not defined.
2.7.4 Model Kapabilitas Dalam COBIT 5.... Error! Bookmark not defined.
BAB III ...................................................................... Error! Bookmark not defined.
3.1 Metodologi Penelitian ..................................... Error! Bookmark not defined.
3.2 Studi Kepustakaan .......................................... Error! Bookmark not defined.
3.3 Pemilihan Proses TI ........................................ Error! Bookmark not defined.
3.3.1 Identifikasi Tujuan Bisnis ................... Error! Bookmark not defined.
3.3.2 Identifikasi Tujuan TI.......................... Error! Bookmark not defined.
3.3.3 Identifikasi Proses TI .......................... Error! Bookmark not defined.
3.4.4 Management Awareness ...................... Error! Bookmark not defined.
3.4 Pengumpulan Data .......................................... Error! Bookmark not defined.
3.4.1 Wawancara .......................................... Error! Bookmark not defined.
3.4.2 Kuesioner ............................................ Error! Bookmark not defined.
3.4.3 Komposisi Data Responden ................ Error! Bookmark not defined.
3.5 Pengolahan dan Analisis Data ........................ Error! Bookmark not defined.
3.5.1 Analisis Tingkat Kepentingan Proses TIError! Bookmark not
defined.
3.5.2 Rancangan Kuesioner Tingkat KepentinganError! Bookmark not
defined.
3.5.3 Analisis Capability Level Proses TI .... Error! Bookmark not defined.
xii
3.5.4 Penilaian Capability Level .................. Error! Bookmark not defined.
3.5.5 Rancangan Kuesioner Capability LevelError! Bookmark not
defined.
3.7 Pengujian data ................................................. Error! Bookmark not defined.
3.8 Analisis Tingkat Kesenjangan (Gap level) ..... Error! Bookmark not defined.
3.9 Analisis Tingkat Kematangan dengan CMMI Error! Bookmark not defined.
3.9.1 Penilaian Tingkat Kematangan CMMIError! Bookmark not defined.
3.10 Saran dan Perbaikan ........................................ Error! Bookmark not defined.
BAB IV ...................................................................... Error! Bookmark not defined.
4.1 Pemilihan Proses TI ........................................ Error! Bookmark not defined.
4.1.1 Identifikasi Tujuan Bisnis ................... Error! Bookmark not defined.
4.1.2 Identifikasi Tujuan TI.......................... Error! Bookmark not defined.
4.1.3 Identifikasi Proses TI .......................... Error! Bookmark not defined.
4.1.4 Penentuan Responden Tingkat KepentinganError! Bookmark not
defined.
4.1.5 Penentuan Tingkat Kepentingan ......... Error! Bookmark not defined.
4.2 Penentuan Capability Level Proses TI ............ Error! Bookmark not defined.
4.2.1 Hasil Kuesioner Capability Level ....... Error! Bookmark not defined.
4.2.2 Penentuan Target Capability Proses TIError! Bookmark not defined.
4.3 Mengatasi Kesenjangan dari Capability Proses TIError! Bookmark not
defined.
4.3.1 Rekomendasi Proses EDM 01 ............. Error! Bookmark not defined.
4.3.2 Rekomendasi Proses EDM 02 ............. Error! Bookmark not defined.
4.3.3 Rekomendasi Proses DSS 02 .............. Error! Bookmark not defined.
4.4 Analisis tingkat kematangan (Maturity) dengan CMMIError! Bookmark not
defined.
4.4.1 Hasil Tingkat Kematangan EDM 01 (Manajemen Produksi Komunikasi
Data) Error! Bookmark not defined.
4.4.2 Hasil Tingkat Kematangan EDM 02 (Provisioning dan Aktivasi
Komunikasi Data) .......................................... Error! Bookmark not defined.
4.4.3 Hasil Tingkat Kematangan DSS 02 (Preventive Maintenance Jaringan
Akses Pelanggan) ........................................... Error! Bookmark not defined.
4.5 Analisis Perbedaan COBIT dan CMMI .......... Error! Bookmark not defined.
BAB V ........................................................................ Error! Bookmark not defined.
5.1 Simpulan ......................................................... Error! Bookmark not defined.
5.2 Saran ............................................................... Error! Bookmark not defined.
xiii
DAFTAR PUSTAKA ............................................ Error! Bookmark not defined.
DAFTAR GAMBAR
Gambar 2.1 Struktur Organisasi PT.X .................. Error! Bookmark not defined.
Gambar 2.2 Bisnis Proses Manajemen Produksi Komunikasi PT.X ........ Error!
Bookmark not defined.
Gambar 2.3 Bisnis Proses Aktivasi Komunikasi DataError! Bookmark not
defined.
Gambar 2.4 Preventive Maintenance PT.X ........... Error! Bookmark not defined.
Gambar 3.1 Tahapan Penelitian ............................. Error! Bookmark not defined.
Gambar 3.2 Contoh kuesioner capability level EDM 01Error! Bookmark not
defined.
xiv
DAFTAR TABEL
Tabel 2.1 Bisnis Proses pada Lintasarta ................ Error! Bookmark not defined.
Tabel 2.2 Bisnis Proses Komunikasi Data ............. Error! Bookmark not defined.
Tabel 2.3 Bisnis Proses Aktivasi Komunikasi DataError! Bookmark not
defined.
Tabel 2.4 Bisnis Proses Preventive Maintenance ... Error! Bookmark not defined.
Tabel 3.1 Tujuan Bisnis pada COBIT 5 ................. Error! Bookmark not defined.
Tabel 3.2 Tujuan TI Menurut COBIT 5 ................ Error! Bookmark not defined.
Tabel 3.3 Pemetaan Tujuan Bisnis dan Tujuan TIError! Bookmark not defined.
Tabel 3.4 Pemetaan Tujuan TI dengan Proses TI Error! Bookmark not defined.
Tabel 3.5 Deskripsi Serta Tujuan Proses TI .......... Error! Bookmark not defined.
Tabel 3.6 Responden Kuesioner Tingkat KepentinganError! Bookmark not
defined.
Tabel 3.7 Responden Kuesioner Capability Level .. Error! Bookmark not defined.
Tabel 3.8 Kuesioner Tingkat Kepentingan ............ Error! Bookmark not defined.
Tabel 4.1 Pemetaan Misi Perusahaan dengan Tujuan Bisnis COBIT 5. .. Error!
Bookmark not defined.
Tabel 4.2 Pemetaan Tujuan Bisnis dengan Tujuan TIError! Bookmark not
defined.
Tabel 4.3 Tujuan TI yang sesuai dengan tujuan perusahaan.Error! Bookmark
not defined.
Tabel 4.4 Pemetaan Tujuan TI dengan Proses TI Error! Bookmark not defined.
Tabel 4.5 Proses TI pada PT.X ............................... Error! Bookmark not defined.
Tabel 4.6 RACI Chart Penentuan Tingkat KepentinganError! Bookmark not
defined.
Tabel 4.7 Perhitungan Nilai Kuesioner KepentinganError! Bookmark not
defined.
xv
Tabel 4.8 Hasil Akhir Kuesioner Tingkat KepentinganError! Bookmark not
defined.
Tabel 4.9 Perhitungan Nilai Kuesioner KepentinganError! Bookmark not
defined.
Tabel 4.10 Hasil Akhir kuesioner Tingkat KepentinganError! Bookmark not
defined.
Tabel 4.11 Hasil Kuesioner Proses EDM 01 .......... Error! Bookmark not defined.
Tabel 4.12 Hasil Kuesioner Proses EDM 02 .......... Error! Bookmark not defined.
Tabel 4.13 Hasil Kuesioner Proses DSS 02 ............ Error! Bookmark not defined.
Tabel 4.14 Tingkat Kesenjangan dari Capability ProsesError! Bookmark not
defined.