Published: 2025-07-01
Evaluasi Tata Kelola Keamanan Informasi Menggunakan Framework COBIT 5 Domain APO13 dan DSS05 (Studi Kasus: Klinik Pratama Rawat Jalan Watumas)
DOI: 10.35870/jtik.v9i3.3528
Downloads
Abstract
The Watumas Outpatient Pratama Clinic is an institution that utilizes Information Technology (IT) to assist its operations and health services. IT empowerment in this clinic is carried out by the department responsible for the technology applied, including the management and storage of highly sensitive patient data. Considering the importance of protecting the data and information collected, a good security system is needed to protect the clinic from potential threats that could be detrimental. Evaluation of the quality of information security management is necessary to ensure that the information technology used is safe and trustworthy. This research adopts a qualitative approach through the use of the COBIT 5 framework, especially in the APO13 (Managing Security) and DSS05 (Managing Security Services) stages, to assess the level of information security implemented. Data was collected through observation, interviews, and the use of assessment sheet instruments. The research results show that both stages are at level 2 (Managed Process), while the level expected by the clinic is level 3 (Established Process). This indicates that there is a gap of one level in each process. This research also provides several recommendations for improving information security management by considering the gaps that arise.
Keywords
Evaluation ; Information Security ; Security Management ; Security Service Management ; COBIT 5
Article Information
This article has been peer-reviewed and published in the Jurnal JTIK (Jurnal Teknologi Informasi dan Komunikasi). The content is available under the terms of the Creative Commons Attribution 4.0 International License.
-
Issue: Vol. 9 No. 3 (2025)
-
Section: Computer & Communication Science
-
Published: %750 %e, %2025
-
License: CC BY 4.0
-
Copyright: © 2025 Authors
-
DOI: 10.35870/jtik.v9i3.3528
AI Research Hub
This article is indexed and available through various AI-powered research tools and citation platforms. Our AI Research Hub ensures that scholarly work is discoverable, accessible, and easily integrated into the global research ecosystem. By leveraging artificial intelligence for indexing, recommendation, and citation analysis, we enhance the visibility and impact of published research.
Tarwoto
Program Studi Sistem Informasi, Fakultas Ilmu Komputer, Universitas Amikom Purwokerto, Kota Banyumas, Provinsi Jawa Tengah, Indonesia.
Oktafia Heng Huice
Program Studi Sistem Informasi, Fakultas Ilmu Komputer, Universitas Amikom Purwokerto, Kota Banyumas, Provinsi Jawa Tengah, Indonesia.
Sri Wahyuningsih
Program Studi Sistem Informasi, Fakultas Ilmu Komputer, Universitas Amikom Purwokerto, Kota Banyumas, Provinsi Jawa Tengah, Indonesia.
-
Aditya, I. G. W., Juliharta, I. G. P. K., & Putri, I. G. A. P. D. (2023). PENERAPAN FRAMEWORK COBIT 2019 DALAM AUDIT TATA KELOLA SISTEM INFORMASI PADA LPD DESA BERABAN. JATI (Jurnal Mahasiswa Teknik Informatika), 7(4), 2592-2599. https://doi.org/10.36040/jati.v7i4.7142.
-
Afifah, U. (2022). Analysis of the Platform E-Learning Utilization on DSS05 Domain Using the COBIT 5 Framework at Private Universities in Riau Archipelago. Sistemasi: Jurnal Sistem Informasi, 11(1), 179-185. https://doi.org/10.32520/stmsi.v11i1.1679.
-
Algiffary, A., Herdiansyah, M. I., & Kunang, Y. N. (2023). Audit Keamanan Sistem Informasi Manajemen Rumah Sakit Dengan Framework COBIT 2019 Pada RSUD Palembang BARI. Journal of Applied Computer Science and Technology, 4(1), 19-26. https://doi.org/10.52158/jacost.505.
-
Alwi, E. I., & Ilmawan, L. B. (2021). Analisis Keamanan Sistem Informasi Akademik (SIAKAD) Universitas XYZ Menggunakan Metode Vulnerability Assessment. INFORMAL: Informatics Journal, 6(3), 131-135.
-
Anam, M. K., Putri, S. D., Yuliana, D., Yumami, E., & Lestari, T. P. (2023). Application Of the Cobit 2019 Framework to Analyse the Security Of Academic Information Systems. Decode: Jurnal Pendidikan Teknologi Informasi, 3(2), 296-309. https://doi.org/10.51454/decode.v3i2.192.
-
Ardhyka, R., Fidaiyah, A., & Meiyanti, R. (2023). Analisis Manajemen Risiko IT Menggunakan COBIT5 Pada Domain APO12. Jurnal Informasi dan Teknologi, 30-38. https://doi.org/10.37034/jidt.v5i1.325.
-
Aulia, N. A., Antoni, D., Syamsuar, D., & Cholil, W. (2021). Sistem tata kelola keamanan teknologi informasi berbasis framework COBIT 5 (Studi kasus: SMA Negeri 1 Palembang). Jurnal Informatika, 9(2), 30-37.
-
Cahyono, S. A., Mukaromah, S., & Wulansari, A. (2023). Perancangan Alat Ukur Tingkat Kapabilitas Manajemen Perubahan SPBE Menggunakan Kerangka Kerja Cobit 5. Jurnal Ilmiah Teknik Informatika dan Komunikasi, 3(3), 49-56. https://doi.org/10.55606/juitik.v3i3.615.
-
Devanti, K., Parwita, W. G. S., & Sandika, I. K. B. (2019). Audit Tata Kelola Teknologi Informasi Menggunakan Framework Cobit 5 Pada Pt. Bisma Tunas Jaya Sentral. Jurnal Sistem Informasi Dan Komputer Terapan Indonesia (JSIKTI), 2(2), 65-76.
-
Effendy, C. A., Paramarta, V., & Purwanda, E. (2024). Peran teknologi informasi, pengelolaan sumber daya manusia, dan sistem informasi rumah sakit dalam meningkatkan kinerja rumah sakit (Kajian literatur). Jurnal Review Pendidikan Dan Pengajaran (JRPP), 7(4), 13479-13489. https://doi.org/10.31004/jrpp.v7i4.34703.
-
Hardiansyah, R., Mursityo, Y. T., & Suprapto, S. (2020). Evaluasi Proses Tata kelola Keamanan Informasi Menggunakan COBIT 5 Dengan Proses APO13, DSS04 dan DSS05 (Studi Pada DISKOMINFO Kabupaten Sidoarjo). Jurnal Pengembangan Teknologi Informasi dan Ilmu Komputer, 4(4), 1116-1124.
-
Heriyanto, H. (2023). Analisis perbandingan regulasi dan perlindungan hukum atas privasi data pasien di tiga Negara Asia Tenggara (Indonesia, Singapura, dan Laos). Jurnal Ners, 7(2), 1247-1259. https://doi.org/10.31004/jn.v7i2.16760.
-
Imany, Y. D., Putra, W. H. N., & Herlambang, A. D. (2019). Evaluasi Tata Kelola Keamanan Informasi menggunakan COBIT 5 pada Domain APO13 dan DSS05 (Studi pada PT Gagas Energi Indonesia). Jurnal Pengembangan Teknologi Informasi Dan Ilmu Komputer, 3(6), 5926-5935.
-
Kusuma, R. P. (2020). Audit Teknologi Informasi Menggunakan Framework Cobit 5 Pada Domain Dss (Deliver, Service, and Support)(Studi Kasus: Konsultan Manajemen Pusat). Jurnal Digit: Digital of Information Technology, 9(1), 97-109.
-
Mulyanto, Y., Herfandi, H., & Kirana, R. C. (2022). Analisis Keamanan Wireless Local Area Network (Wlan) Terhadap Serangan Brute Force Dengan Metode Penetration Testing (Studi Kasus: Rs H. Lmanambai Abdulkadir). Jurnal Informatika Teknologi dan Sains (Jinteks), 4(1), 26-35. https://doi.org/10.51401/jinteks.v4i1.1528.
-
Simamora, F. (2024). Evaluasi Tata Kelola Keamanan Sistem Informasi Menggunakan Framework Cobit 5 (Studi Kasus: PT Bpr Xyz). JCOSIS (Journal Computer Science and Information Systems), 1(1), 8-13. https://doi.org/10.61567/jcosis.v1i1.174.
-
Sinaga, R., Samsinar, S., & Afriany, R. (2021). Information System Security Audit Based on the DSS05 Framework Cobit 5 at Higher Education XX. Berkala Sainstek, 9(1), 35.
-
Sodik, I. A., & Nugraheni, D. M. K. (2022). Implementation Cobit 2019 for Evaluation of Health Clinic Information System Governance in Central Java. Jurnal Teknik Informatika (Jutif), 3(6), 1549-1556. https://doi.org/10.20884/1.jutif.2022.3.6.361.
-
Triyunsari, D. (2023). Analisis Tingkat Kematangan Manajemen Layanan Pegawai Berbasis Teknologi Informasi Menggunakan Framework COBIT 5 Pada SMA Negeri 19 Palembang. Indonesian Journal of Multidisciplinary on Social and Technology, 1(2), 146-153. https://doi.org/10.31004/ijmst.v1i2.141.
-
Vansuri, R., Fauzi, A., Prasetyo, E. T., Negara, R., Ramadhan, R., Restu, A. M., & Firmansyah, R. R. (2023). Peran CIA (Confidentiality, Integrity, Availability) Terhadap Manajemen Keamanan Informasi. Jurnal Ilmu Multidisplin, 2(1), 106-113. https://doi.org/10.38035/jim.v2i1.
This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.
Authors who publish with this journal agree to the following terms:
1. Copyright Retention and Open Access License
Authors retain copyright of their work and grant the journal non-exclusive right of first publication under the Creative Commons Attribution 4.0 International License (CC BY 4.0).
This license allows unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
2. Rights Granted Under CC BY 4.0
Under this license, readers are free to:
- Share — copy and redistribute the material in any medium or format
- Adapt — remix, transform, and build upon the material for any purpose, including commercial use
- No additional restrictions — the licensor cannot revoke these freedoms as long as license terms are followed
3. Attribution Requirements
All uses must include:
- Proper citation of the original work
- Link to the Creative Commons license
- Indication if changes were made to the original work
- No suggestion that the licensor endorses the user or their use
4. Additional Distribution Rights
Authors may:
- Deposit the published version in institutional repositories
- Share through academic social networks
- Include in books, monographs, or other publications
- Post on personal or institutional websites
Requirement: All additional distributions must maintain the CC BY 4.0 license and proper attribution.
5. Self-Archiving and Pre-Print Sharing
Authors are encouraged to:
- Share pre-prints and post-prints online
- Deposit in subject-specific repositories (e.g., arXiv, bioRxiv)
- Engage in scholarly communication throughout the publication process
6. Open Access Commitment
This journal provides immediate open access to all content, supporting the global exchange of knowledge without financial, legal, or technical barriers.