p–ISSN: 2723 - 6609 e-ISSN: 2745-5254
Vol. 5, No. 8 August 2024 http://jist.publikasiindonesia.id/
Jurnal Indonesia Sosial Teknologi, Vol. 5, No. 9, September 2024 3760
Information and Technology Governance Capability
Analysis: Case Study of CV Wirelessindo
Reihan Putra Oktavio
1*
, Achmad Nizar Hidayanto
2
Universitas Indonesia Depok, Indonesia
Email:
*Correspondence
ABSTRACT
Keywords: IT
governance, cobit 2019, IT
service provider.
The implementation of information and technology (IT)
supports company sustainability. Large companies use IT as
an integral part of their business model. Digital strategies
must align with business strategies to achieve sustainability.
Wirelessindo, established in 2007, provides IT solutions
such as equipment, site surveys, network design and
security, and tower installations. Its mission is to increase
company productivity to win the competition in the era of
Industry 4.0. It is used to enhance customer service and
internal business process efficiency. Initial investigations
found issues with IT function mismatches, financial losses
due to data loss, IT equipment installation and configuration
errors, and business process incidents caused by emerging
risks. Identified root problems include employee knowledge
gaps, risk management disparities, errors in defining
business needs, and change management gaps. Based on
these findings, IT governance evaluation was chosen as the
research focus. This study aims to provide an overview of
CV Wirelessindo IT capability levels and recommend
improvements to meet expected levels. A mixed-method
approach and COBIT 2019 were used in this study. The
General Manager, IT Division Manager, Software
Development Team, Network Monitoring Team, Project
Manager, and HR Manager were selected as respondents
based on the RACI chart guidelines. Of the nine selected
objectives, BAI08 showed level 0. APO12, BAI02, BAI06,
BAI07, and DSS01 showed level 1. APO07, BAI10, and
DSS03 showed capability level 2. Therefore, 61
recommendations were provided to raise the IT governance
capability level to level 3 for all objectives.
Introduction
The implementation of Information Technology (IT) brings added value and new
opportunities to maintain sustainability for companies (Vidmar, Marolt, & Pucihar,
2021). The need to place IT as a medium to maintain corporate sustainability has already
been practiced by large companies. It becomes an integral part of maintaining a
Information and Technology Governance Capability Analysis: Case Study of CV Wirelessindo
Jurnal Indonesia Sosial Teknologi, Vol. 5, No. 8, August 2024 3761
sustainable business model. Therefore, a company's digital strategy needs to be aligned
with its business strategy. If this is realized, it will create the potential to build a more
sustainable business model (Ramadhana, Izaac, Tangka, & Mambu, 2023).
Wirelessindo is an IT solutions provider company that has been established since
2007. Wirelessindo's business activities include providing equipment, site surveys,
determining frequencies, network design, network security, installation, as well as tower
and grounding solutions. One of Wirelessindo's missions is "To increase company
productivity to be ready to win the competition in the era of the industrial revolution 4.0."
Therefore, IT is utilized in Wirelessindo's business processes both to enhance service
performance to customers and to improve the effectiveness of internal business processes.
As a company operating as an IT solutions provider, Wirelessindo is not immune
to issues in its daily business processes. Therefore, problem identification through
interviews is conducted to provide solutions to existing problems. The problem
identification is carried out from the perspective of IT governance. Consequently, the
interviewees are managers and staff from the IT Division of Wirelessindo. This aims to
ensure that the interviewees have sufficient knowledge regarding the implementation and
utilization of IT at Wirelessindo.
The interview was conducted from the perspective of IT governance in the
company. Therefore, the findings obtained are grouped based on focus areas in IT
governance (Putra, Sunyoto, & Nasiri, 2020). The focus areas of IT governance include
strategic alignment, the added value provided by information technology (IT), resource
management, risk management, and performance management. The results of incidents
based on interviews recapped on Tabel I.
Table I
Incident, Problem, and Focus Area
No.
Incident
Problem
Focus Area
1
The E-Invoice
application lacks the
template selection
feature needed for
business processes.
Functions of IT that do
not align with business
needs result in time
losses.
The added value
provided by
information
technology (IT)
2
The E-Archive
application does not
contain important
data that should be
included.
Losing critical data can
result in financial losses
for a company.
Risk management
3
Errors in the
installation and
configuration of
devices from the
established settings.
Errors in the installation
and configuration of IT
devices result in a
decrease in SLA ratings.
Resource management
4
Prolonged server
downtime due to rain
incidents.
Business processes halt
during a disaster.
Risk management
Reihan Putra Oktavio, Achmad Nizar Hidayanto
Jurnal Indonesia Sosial Teknologi, Vol. 5, No. 8, August 2024 3762
Their study on IT governance for healthcare organizations, (Alharbi, Sabra,
Alharbe, & Almajed, 2022) grouped determinant components into six categories:
Regulation, IT Services, Strategy, IT Infrastructure, Organization, and Human. Strategy
involves alignment steps between IT development, IT governance, and its business
processes. IT Services encompass the activities of running IT services. IT Infrastructure
refers to the components or tools used for providing IT services. Human includes human
factors involved in the development, management, and implementation of provided IT
services. Organization pertains to organizational interests in conducting business
processes. Meanwhile, regulation adheres to policies and regulations that must be
complied with both internally and externally. After determining the existing scope, the
existing issues can be mapped in a diagram. The Fishbone Diagram, a graphical technique
used to show several causes of a particular event (Coccia, 2020), is commonly used for
cause-and-effect analysis to identify complex interactions of the causes of a particular
problem or event in management science. Therefore, the initial problem analysis with the
identified root causes can be visualized with a Fishbone Diagram as shown in Fig 1 below.
Fig 1 Fishbone Diagram
According to the analysis using the fishbone diagram, the issues that occur can be
mapped based on the relevant dimensions. Upon further examination, these problems
stem from IT governance that is not aligned and operationalized according to business
needs. These issues fall within the focus areas of IT governance, such as adding value
through IT, managing IT risks, and resource management (Arief, Natsir, Khairan, &
Sensuse, 2020).
The research regarding IT governance in IT service companies has already been
done in previous studies. (Martin, 2023) had already studied the IT Governance capability
level using the COBIT 5 framework with EDM, DSS, and MEA as the focus of the study.
(Imania, 2024) also had already done a study regarding IT governance evaluation on IT
Information and Technology Governance Capability Analysis: Case Study of CV Wirelessindo
Jurnal Indonesia Sosial Teknologi, Vol. 5, No. 8, August 2024 3763
service companies using COBIT 5 framework with the APO domain as the focus of the
study. (Lubna, Muhammad, & Purwanto, 2023) also did a study identifying the level of
IT governance and assessing the capability level of an IT service company using the
COBIT 2019 framework, using the APO and DSS domain as the focus. Based on the
description, the evaluation method and focus may differ, based on the needs of the subject
company. Therefore, further studies regarding the IT governance capability level shall be
done to determine the right method and the right solution.
This research was conducted to measure and evaluate the level of IT governance
capability at CV Wirelessindo as an IT service company. The measurement results of this
research are then used as a benchmark for researchers in proposing recommendations for
improving governance that can be adapted by CV Wirelessindo. In addition to being
aimed at improvement efforts for the object of research, it is also expected that this
research will be useful for similar studies or other research focusing on the field of IT
governance.
Research Methods
The case study in this research is CV Wirelessindo in Bogor City. The research
focuses on the process of information technology governance at Wirelessindo to evaluate
its management level. The evaluation results will be used as a basis for designing
recommendations that can be implemented by CV Wirelessindo. It is hoped that the
recommendations provided will have a positive impact by improving information
technology governance in the company.
This research utilizes a mixed-method approach (Dawadi, Shrestha, & Giri, 2021).
Qualitative methods are employed in the exploration phase, questionnaire development,
collection of additional information, and necessary validation in research design.
Meanwhile, the quantitative approach is implemented to collect data from questionnaires
and calculate the level of IT governance capability. The research is designed by
leveraging information from literature, documents, interviews, and questionnaires. Data
from interviews and questionnaires are collected both directly and on online platforms
such as Google Meet with stakeholders.
This approach aligns with the COBIT 2019 framework (ISACA, 2018a), which
serves as the primary basis for data collection. Data to measure management level is
collected through questionnaire completion. The questionnaires are filled out using
interview methodology with guidance during completion to prevent misinterpretation by
respondents, considering their content within the COBIT 2019 framework may be subject
to debate. Questionnaire respondents are selected based on the RACI chart guideline,
focusing on the IT Division and relevant parties directly involved with the IT Division at
Wirelessindo to ensure precise targeting.
Objective Determination Phase
There is a new method introduced by Goals Cascading in COBIT 2019 compared
to COBIT 5 (Fernandes, Almeida, & Mira da Silva, 2020). COBIT 2019 presents a
methodology for prioritizing specific management objectives to align with the needs of
Reihan Putra Oktavio, Achmad Nizar Hidayanto
Jurnal Indonesia Sosial Teknologi, Vol. 5, No. 8, August 2024 3764
the organization. This methodology addresses accuracy issues present in COBIT 5. Thus,
the Goals Cascading steps in COBIT 2019 are as follows (ISACA, 2018):
1. Mapping stakeholder needs to COBIT 2019 Enterprise Goals,
2. Mapping Enterprise Goals to COBIT 2019 Alignment Goals,
3. Mapping Alignment Goals to COBIT 2019 Governance Objectives and Management
Objectives,
4. Prioritizing governance and management objectives according to the company's needs.
Stakeholder needs represent the needs of the company. These needs can include the
company's vision, mission, or strategic goals (Nyoto & Nyoto, 2023). Meanwhile, the
prioritization of governance and management objectives can be adjusted according to the
goals or issues faced by the company related to IT governance. This aligns with the
flexible methodology offered by COBIT 2019.
Data Collection Phase
After the prioritized governance and management objectives are concluded, the
next phase shall be the data collection. The data collection was carried out by completing
questionnaires on-site, and the questionnaires were filled out by the author based on the
results of interviews and discussions with respondents. All involved respondents
completed the questionnaires. Purposive sampling was used to determine the research
informants based on their specialties (Mweshi & Sakyi, 2020).
Results and Discussion
The method of processing the questionnaire filling data is as follows:
1. If the level has not been determined, then:
The initial stage is to determine the level, which begins by calculating the
questionnaire for capability level 2 from respondents 1 to N. After obtaining the
questionnaire as shown in TABLE VIII, the ranking calculation is carried out.
Table 2
Rating Illustration
In the (1) formula used, "Number of Activities Performed" refers to the total "Yes"
answer in the questionnaire. The "Total Activity" label in the measurement formula
reflects the total of all activities for a capability level. For example, if four activities
receive a "Yes" answer out of a total of five activities at capability level 2, then "Number
Objective
Level 0
Level 1
Level 2
Level 3
Level 4
Level 5
ABCXX
Criteria
Rating
FALSE
80% (L)
Capability
Level
Achieved
-
1
Information and Technology Governance Capability Analysis: Case Study of CV Wirelessindo
Jurnal Indonesia Sosial Teknologi, Vol. 5, No. 8, August 2024 3765
of Activities Performed" is 4, and "Total Number of Activities" is 5. This calculation will
yield a value of 80% as the rating amount. The rating amount will be converted into one
of the four ranking categories (N, P, L, F) as the result of the ranking measurement which
is then displayed in the ranking results table as illustrated in Table 2.
2. If has not reached level 1 or the measurement results from the level 2 capability
questionnaire ≤ 50%, then:
If the results of the rating measurement show a value of N or P, this indicates that
capability level 1 has not been reached, therefore the achievement of capability is at level
0.
3. If has reached level 1 or the measurement results from the level 2 capability
questionnaire > 50%, then:
If the results of the rating measure reach an “F” value, this indicates that the
distribution of the questionnaire for the next level of capability can be continued.
However, if the rating magnitude shows an “L” value, this indicates that the level of
capability achieved is level 1, and there is no need to proceed to the deployment of the
follow-up questionnaire.
4. If an advanced questionnaire is deployed, the data processing process returns to the
first step, but the X level increases to level (X + 1) or corresponds to the level of
measurement being analyzed.
After the data is processed and converted into recommendations, the last stage is to
validate the recommendations. This activity is carried out to find out whether the
recommendations can be accepted by stakeholders (Martin, 2023). In this study, the IT
Division Manager of CV Wirelessindo was selected as a respondent using the purposive
sampling method. This is because the IT Division Manager is interested in managing
information technology in the company. Interviews are conducted to obtain information
from each recommendation given. Illustrations of the information provided are in Table
3.
Table 3
Validation Recommendation Illustration
Validation
Recommendat
ions
Activity
Not
Required
Not
Capable
Capable
with
efforts
Fully
Capable
Information
ABCXX
Efforts
Recommendat
ions Towards
Level 3
Provide
employee
training on
performance
and behavior
upheld by
the
company.
Y
Training
needs careful
planning
because it has
to match the
schedule of
each branch
The recommendations given can be grouped into four categories: (1) not required,
(2) not capable, (3) capable with effort, and (4) fully capable (Setiyowati, 2019). If the
answer is between (1) to (3), Things that hinder the company from being able to carry out
Reihan Putra Oktavio, Achmad Nizar Hidayanto
Jurnal Indonesia Sosial Teknologi, Vol. 5, No. 8, August 2024 3766
the recommendations given can be taken from the results of the validation of
recommendations that are not fully capable.
The selected COBIT 2019 objectives were used as the basis for creating the
questionnaire. To identify these objectives, the process started by matching XYZ's
strategic alignment with COBIT 2019's Enterprise Goals (EG). Eleven strategic
alignments (SA) were identified from XYZ's Company Profile documents. There are 13
Enterprise Goals for COBIT 2019 (ISACA, 2018b). From this alignment, EG01, EG02,
EG05, EG06, EG08, EG10, and EG13 were identified as the relevant Enterprise Goals.
The mapping of strategic alignment into enterprise goals is shown in Fig 2.
Fig 2 Strategic Alignment to Enterprise Goals Alignment
Next is the mapping between the selected enterprise goals to the alignment goals
of COBIT 2019. The mapping carried out on seven enterprise goals resulted in eight
selected alignment goal points from the COBIT 2019 framework: AG02, AG05, AG06,
AG07, AG08, AG09, AG12, AG13. The eight selected alignment goal points are marked
with a green line in the "COBIT 2019 Alignment Goals 2019" column. A summary of the
results of this mapping is listed in Table 4.
Table 4
Mapping of Enterprise Goals to Alignment Goals COBIT 2019
Alignment Goals COBIT 2019
Code
Code Enterprise Goals
IT compliance that supports business
compliance with government or external laws
and regulations
AG01
EG02-S
Organizational IT risk management
AG02
EG02-P, EG06-S
Realization of benefits from IT services
investments and portfolios
AG03
EG01-S, EG05-S
Information and Technology Governance Capability Analysis: Case Study of CV Wirelessindo
Jurnal Indonesia Sosial Teknologi, Vol. 5, No. 8, August 2024 3767
Quality of the organization's financial
information related to technology
AG04
Delivery of information technology services that
have been tailored to the business
AG05
EG01-P, EG05-S, EG06-
S, EG08-S
Agility in transforming business needs into
operational solutions
AG06
EG01-P, EG05-S, EG08-
S, EG13-S
Information security, applications,
infrastructure, and privacy security
AG07
EG02-P, EG06-P
Integration of applications and technology to
support business processes
AG08
EG01-P, EG05-P, EG08-
S, EG10-S, EG13-S
Timely program delivery, according to cost,
quality standards, and business interests
AG09
EG01-P, EG05-S, EG08-
S, EG13-S
Quality of IT information management
AG10
IT compliance with internal rules and
regulations
AG11
EG02-S
Competent employees who understand
technology and business
AG12
EG05-S, EG10-P
Understanding, knowledge, and effort in
building business innovation
AG13
EG01-P, EG13-P
Data collection at this stage was conducted using a questionnaire that included
activities from the nine mapped objectives. The entire content of the questionnaire for the
nine objectives was prepared based on the guidance in Chapter 4 (detailed guidance) from
the book "COBIT 2019 Framework: Governance and Management Objectives" (ISACA,
2018a). The activities from the objectives listed in the guidance were translated and
organized according to the objectives and their levels. The selection of respondents has
been described in section II.II. The criteria for responsibility have been adjusted to match
the scope of expertise and responsibilities at the case study location. Calculations
performed on all objectives yield the following calculation results:
1. APO07 capability level 2 objective rating = 17/18 × 100%=94,44% (Fully).
2. APO07 capability level 3 objective rating = 6/12 × 100%=50% (Largely).
3. APO12 capability level 2 objective rating = 4/6 × 100%=66,67% (Largely)
4. BAI02 capability level 2 objective rating = .4/5 × 100%=80% (Largely)
5. BAI06 capability level 2 objective rating = 4/8 × 100%=50% (Largely).
6. BAI07 capability level 2 objective rating = 11/22 × 100%=50% (Largely).
7. BAI08 capability level 2 objective rating = 0/5 × 100%=0% (Not).
8. BAI10 capability level 2 objective rating = 5/5 × 100%=100% (Fully).
9. BAI10 capability level 3 objective rating = 4/6 × 100%=66,67% (Largely).
10. DSS01 capability level 2 objective rating = 9/12 × 100%=75% (Largely).
11. DSS03 capability level 2 objective rating = 9/9 × 100%=100% (Fully).
12. DSS03 capability level 3 objective rating = 6/8 × 100%=75% (Largely).
Reihan Putra Oktavio, Achmad Nizar Hidayanto
Jurnal Indonesia Sosial Teknologi, Vol. 5, No. 8, August 2024 3768
The findings from each selected objective show a variation in the levels of IT
governance capability at Wirelessindo. After calculation, it was found that out of the nine
objectives, one objective has a capability level of 0, five objectives are at capability level
1, and three objectives are at capability level 2. Based on a confirmation interview with
the IT Division Manager of Wirelessindo, it was revealed that the expected IT governance
capability level is currently level 3 for all objectives. A summary of the findings regarding
the capability levels and the expected capability levels is presented in Fig 3.
Fig 3 Findings on the IT Governance Capability Levels at CV Wirelessindo
The findings on objective APO07 (Managed Human Resource) indicate that
seventeen out of eighteen activities at capability level 2 have been completed, resulting
in a score of 94.44% (Fully). This is supported by various documents, including Meeting
Minutes with All Wirelessindo Branches, Job Application Documents, Employee
Recruitment Standards, Third-Party Work Contracts, Employee Work Contracts, and
others. The questionnaire was then continued to capability level 3, where six out of twelve
activities were completed, yielding a score of 50% (Largely). This is backed by Job
Application Documents, Minutes of HR and Project Division Meetings, NSA
Certification Documents, and others. The recommendation is given for the company to
reach Level 3 on this objective mainly conducting training for employees, managing the
knowledge in the company, and enhancing the evaluation activities for the employees.
The calculations of the capability level are detailed in Table 5.
Table 5
Summary of Findings for Objective APO07
Objective
Level 0
Level 1
Level 2
Level 3
Level 4
Level
5
Information and Technology Governance Capability Analysis: Case Study of CV Wirelessindo
Jurnal Indonesia Sosial Teknologi, Vol. 5, No. 8, August 2024 3769
The findings on objective DSS03 (Managed Problems) show that nine of the nine
activities for level 2 capabilities have been carried out. Therefore, the objective rating at
level 2 capability level reaches 100% (Fully). Supporting findings related to this are the
existence of Auto Mail, Network Monitoring System Reports, Corrective Service Forms,
Training Documents, and others. The next questionnaire is for assessing level 3 capability
levels. Findings show that four of the six activities have been carried out. Therefore, the
objective rating at level 3 capability level reaches 66.67% (Largely). This finding is
supported by Visit Data Reports, Corrective Service Forms, Disturbance Reports, and
others. This shows that the capability level for DSS03 is at level 2. The recommendation
given for the company to reach Level 3 on this objective mainly prioritizes solutions for
every problem based on the impact given and defining permanent change for every
change management. The calculation regarding the objective capability level is according
To Table 6.
Table 6
Summary of Findings for Objective DSS03
After recommendations for the company are formulated, the recommendations are
then discussed with stakeholders at CV Wirelessindo. At this stage, the intended resource
person is the IT Division Manager from Wirelessindo. The recommendations given are
grouped into four categories: Not Required, Not Capable, Capable with Efforts, and Fully
APO07
False if
capability
level =/> 1
Criteria
Rating
FALSE
94,44%
(F)
50%
(L)
Achieved
Capability
Level
-
1
2
Objective
Level 0
Level 1
Level 2
Level 3
Level 4
Level 5
BAI10
False if
capability level
=/> 1
Criteria
Rating
FALSE
100%
(F)
75%
(L)
Achieved
Capability
Level
-
1
2
Reihan Putra Oktavio, Achmad Nizar Hidayanto
Jurnal Indonesia Sosial Teknologi, Vol. 5, No. 8, August 2024 3770
Capable. Based on the results of the discussion of the 61 recommendations provided, the
results are as follows:
1. Fully Capable with 51 recommendations.
2. Capable with Efforts 8 recommendations.
3. Two recommendations are Not Required.
To create documents, and procedures, and manage knowledge effectively,
Wirelessindo must first organize its existing information and knowledge.
Recommendations for training require additional effort because Wirelessindo's offices
are spread across several branches, each with its schedule. Merging internal and external
knowledge poses challenges since knowledge is a commodity in Wirelessindo's industry,
necessitating careful budgeting to acquire valuable knowledge. Lastly, the
recommendations for emergency changes and configuration matching are deemed
unnecessary by Wirelessindo, as all IT changes are currently managed solely by the IT
Division.
Conclusion
This research analyzes the IT capabilities at CV Wirelessindo by selecting nine
objectives through a cascading goal process based on the company's strategic targets. Of
the twenty-five objectives that correspond to cascading goals, nine were selected to
address emerging IT problems. Research findings show the capability level of each
objective, with BAI08 (Managed Knowledge) at level 0, APO12 (Managed Risk), BAI02
(Managed requirements definition), BAI06 (Managed IT Changes), BAI07 (Managed IT
Change Acceptance and Testing), and DSS01 (Managed operations) at level 1, and
APO07 (Managed human resources) and DSS03 (Managed problems) at level 2.
Discussions revealed that CV Wirelessindo expects IT capabilities at level 3 for all
selected objectives, but the results of the questionnaire show that none have yet been
achieved. reach that level. Improvement recommendations are provided and validated to
stakeholders, including steps to achieve IT capability level 3 in stages according to gaps
in each objective, to ensure the possibility of future implementation.
Information and Technology Governance Capability Analysis: Case Study of CV Wirelessindo
Jurnal Indonesia Sosial Teknologi, Vol. 5, No. 8, August 2024 3771
Bibliography
Alharbi, Fawaz, Sabra, Mohammed Nour A., Alharbe, Nawaf, & Almajed, Abdulrahman
A. (2022). Towards a strategic it grc framework for healthcare organizations.
International Journal of Advanced Computer Science and Applications, 13(1).
Arief, A., Natsir, D., Khairan, A., & Sensuse, D. I. (2020). It governance audit and
determination of work priorities using analytical hierarchy process: Case studies
the government of north Maluku, Indonesia. Journal of Physics: Conference Series,
1577(1), 12046. IOP Publishing.
Coccia, Mario. (2020). Fishbone diagram for technological analysis and foresight.
International Journal of Foresight and Innovation Policy, 14(2–4), 225–247.
Dawadi, Saraswati, Shrestha, Sagun, & Giri, Ram A. (2021). Mixed-methods research: A
discussion on its types, challenges, and criticisms. Journal of Practical Studies in
Education, 2(2), 25–36.
Fernandes, André, Almeida, Rafael, & Mira da Silva, Miguel. (2020). A flexible method
for COBIT 2019 process selection.
Imania, Friska. (2024). Evaluasi Tata Kelola Teknologi Informasi Menggunakan
Framework COBIT 5 Pada PT SJA. Scientica: Jurnal Ilmiah Sains Dan Teknologi,
2(2), 117–125.
Lubna, Lubna, Muhammad, Alva Hendi, & Purwanto, Agus. (2023). Identifikasi level
tata kelola ti dan penilaian tingkat capability level menggunakan cobit 2019. JIPI
(Jurnal Ilmiah Penelitian Dan Pembelajaran Informatika), 8(3), 815–827.
Martin, Kevin. (2023). COBIT 5 Capability Level of Information Technology
Governance at PT ABC. 2023 8th International Conference on Business and
Industrial Research (ICBIR), 753–758. IEEE.
Mweshi, Geoffrey Kapasa, & Sakyi, Kwesi. (2020). Application of sampling methods for
the research design. Archives of Business Review–Vol, 8(11), 180–193.
Nyoto, Rebecca La Volla, & Nyoto, Nyoto. (2023). Analisis Kapabilitas Tata Kelola
Teknologi Informasi Perguruan Tinggi Xyz Menggunakan Cobit 2019. JOISIE
(Journal Of Information Systems And Informatics Engineering), 7(1), 25–34.
Putra, Angga Wijaya Narwa, Sunyoto, Andi, & Nasiri, Asro. (2020). Perencanaan Audit
Tata Kelola Teknologi Informasi Laboratorium Kalibrasi Menggunakan COBIT
2019 (Studi Kasus: Laboratorium Kalibrasi BSML Regional II). Jurnal Fisikom,
10(3), 241–247.
Ramadhana, Rizky, Izaac, Bryan Vallentino, Tangka, George William, & Mambu, Joe
Yuan. (2023). Information Technology Governance Analysis Using the COBIT
2019 Framework at PT. Daya Adicipta Wisesa. Jurnal Informasi Dan Teknologi,
Reihan Putra Oktavio, Achmad Nizar Hidayanto
Jurnal Indonesia Sosial Teknologi, Vol. 5, No. 8, August 2024 3772
141–146.
Vidmar, Doroteja, Marolt, Marjeta, & Pucihar, Andreja. (2021). Information technology
for business sustainability: a literature review with automated content analysis.
Sustainability, 13(3), 1192.
