30
2.4.3
Kerangka Kerja COBIT
COBIT
merupakan
IT Governance
Best
Practices
yang
membantu
auditor,
manajemen, pengguna untuk menjembatani aspek bisnis, kebutuhan kontrol dan aspek
teknis TI.
According
to
Anand
(2006,
p186),
the
COBIT
framework
provides
a
guidance
for the IT controls that must be established and integrated to achieve financial reporting
and
disclosure
objectives.
The
IT
controls should
consider
the
overall
governance
framework in supporting the quality and integrity of information.
Acording to Moeller (2009, p90), the COBIT framework is often described as a
pentagon covering five broad and interconnected areas of internal controls. COBIT’s
major areas of emphasis are arranged around the important core concept of IT
governance:
a. Strategic Alignment
Efforts should be in place to align IT operations and activities with all other
enterprise operations. These include establishing linkages between enterprise
business operations and IT plans as well as processes for defining, maintaining, and
validating quality and value relationships.
b. Value Delivery
Processes
should
be
in
place
to
ensure that
IT
and
other
operating
units
deliver
promised
benefits
throughout
a
delivery
cycle
and
with
a
strategy
that
optimizes
costs while emphasizing the intrinsic values of IT and related activities.
c. Risk Management
Management,
at
all
levels,
should
have
a clear
understanding
of an
enterprise’s
appetite for risk, compliance requirements, and the impact of significant risks. Both
 |