Rendra Trisyanto Surya, Syafrizal Ikram, Murhaban
AUDIT IT PROCESS PO-01 to ACADEMIC INFORMATION SYSTEM in
HIGHER EDUCATION POLYTECHNIC
USING THE COBIT FRAMEWORK
- Rendra Trisyanto Surya
1
, Syafrizal Ikram
2
, Murhaban
3
1
Politeknik Negeri Bandung, Indonesia,
2
Universitas Widyatama, Bandung, Indonesia,
3
Universitas
Malikussaleh Lhokseumawe, Aceh, Indonesia
Email : Rendratris2013@Gmail.com
1
, syafrizal.ikram@widyatama.ac.id
2
, murhaban@unimal.ac.id
3
Abstract
The role of information technology in higher education is to realize academic effectiveness.
Academic Information System (SIAK) which is loaded with the use of Information Technology (IT).
The PO1 IT Process Governance audit based on the COBIT standard, namely “Define a Strategic
Information Technology Plan” then became a strategic issue for the success of higher education
management, especially the SIAK Polytechnic campus which uses information technology-based
tools in its teaching and learning process. This study aims to measure the level of IT Process PO-01
governance in relation to Academic Information Systems in Vocational Model High Schools
(Polytechnics). The sample of this research is nine Vocational High Schools (Polytechnics) in
Bandung. From the results of the study, it is known that the IT Process Governance PO-01 at SIAk
Vocational Colleges is still at Level 2, namely "Repeatable but Intuitive". The effectiveness of
governance is still determined by the competence of the individual or part of the personnel who
carry out the IT Function (technical) and the assignment is ad-hoc. IT management at SIAk has not
been internalized and refers to Best Practice. But on the other hand, it has begun to be seen that the
Polytechnic management has a fairly good awareness of the importance of IT Governance and
wants to make it an enabler for the Academic Information System (SIAk). However, there is still a
fairly high gap between what is and what should be desired as in COBIT Best Practice.
Keywords: SIAk Governance; Best Practices; Maturity Level; Repeatable but Intuitive; IT
Process
PRELIMINARY
Today's universities sooner or later must utilize information technology to the enabler level, not
only as a mere efficiency tool. Information technology that is increasingly developing and
sophisticated, does require greater investment funds, and also increasingly complex operational
management capabilities due to the increasing complexity of the various risks that accompany it ( IT
Risk) (Akbar et al., 2022). Therefore, information technology must be managed based on the
principles of IT Governance in order to allow control of various existing and potential IT risks that
arise later in the process of adding value to the performance of an organization, including the
Polytechnic Vocational College organization, which uses a lot of tools. -Information technology-
based practice tools in the teaching-learning process (Belu & Stirbu, 2006).
The paradigm of the traditional management approach to the Academic Information System
(SIAk) must be changed. What was originally focused on achieving the effectiveness of existing IT
technically within the internal scope, became a new paradigm that focused on external, end-user
oriented , participatory and strategic. In higher education organizations, the most important use of
information technology is to provide services and overcome various problems in the academic area.
Academic problems are the Core Business of a Higher Education which is run through the Academic
Information System (SIAk) (Bergeron & Raymond, 1992). In fact, in many universities, SIAk is
managed solely on a software-oriented basis . The paradigm that undermines the role of IT, which
then causes SIAk to be unable to become an enabler as COBIT Best Practice should be, which has
now become an international standard in improving the performance of IT Management, which
includes the various Information Systems (Chatwarapitak, 2001).
Jurnal Sosial dan Teknologi (SOSTECH)
Volume 2, Number 8, Agustus 2022
p-ISSN 2774-5147 ; e-ISSN 2774-5155
Rendra Trisyanto Surya, Syafrizal Ikram, Murhaban
Audit it Process Po-01 Academic Information System Higher Education
Polyteknik Using the Cobit Framework
e-ISSN 2774-5155
p-ISSN 2774-5147
RESEARCH METHODS
This study uses qualitative methods , where the data collected is in the form of opinions /
opinions of 47 respondents from various polytechnics, which are converted into quantitative data
using the Scoring Method. While the type of research used is descriptive research based on what is
currently available, with a Case Study research approach .
As a sample, nine Vocational Universities (Polytechnics) were taken from 12 Polytechnics
(populations) in Bandung City, using purposive sampling method based on certain criteria, namely the
Polytechnic with the best quality in the eyes of the community, medium and low. The reason for
choosing vocational colleges as the sample in this study, is because the curriculum is denser than
general universities and has more practical content using Information Technology. The Polytechnic in
Bandung was used as a sample, because this city is a metropolitan city and a student city with the
fastest level of IT development in Indonesia (Utami, 2015).
The data collection instrument is in the form of a questionnaire, which was compiled and
developed based on the Detailed Control Objective (DCO ) for IT Process PO1 of the COBIT IT
Framework version 4.0, whose question items were made by considering six aspects of IT
Management (Kridanto Surendro, 2009), namely:
The condition of the Polytechnic Leader's Awareness (respondent) of IT Risk from the
implementation of the IT Process PO1 that has been carried out so far, and the control
communication pattern carried out, starting from the process of preparing, implementing and
changing the IT Plan to the SIAk.
Policies, Procedures and Standards used for IT Process PO1 in the context of SIAk
effectiveness of the skills and experience of personnel/managers who have been running IT
Process PO1 at the Polytechnic so far
The effectiveness of the tools used to automate various IT Process PO1 SIAk activities (IT
Plan)
Goals and Settings set for the measured IT Process PO1 (IT Pna SIAk)
Analysis of the collected data is then calculated to produce Maturity Levels using the Two-
Level Scoring Method. The data from this calculation is then used to determine the value of
IT Maturity Level from IT Process PO1 to SIAk.
From Figure-2, it can be seen that “Polytechnic Leaders Awareness” is very high to make SIAk
an enabler. Even the “Stakeholders” also agreed on the need to improve SIAk to be more effective,
because SIAk is the most important source of academic information in Higher Education information
systems, especially Polytechnics. Only socialization and communication are still low. This is because
Stakehlder and University Leaders consider that the management of SIAk is only done technically and
internally will produce an effective SIAk (Thompson, 1998).
Rendra Trisyanto Surya, Syafrizal Ikram, Murhaban
Audit it Process Po-01 Academic Information System Higher Education
Polyteknik Using the Cobit Framework
e-ISSN 2774-5155
p-ISSN 2774-5147
Figure
RESULTS AND DISCUSSION
The increasingly strategic role of Information Technology causes POLYTECHNIC Universities
that do not utilize this facility optimally, will be left far behind. Even the higher education institutions
will be burdened by the existence of various IT risks that are inherent in the process of using IT in
their Academic Information System (SIAk) (Fuada, 2019)(Grover et al., n.d.).
The role of Academic Information Systems based on today's IT developments does not only
cause various organizational activities and activities to become more efficient, effective and
systematic (Nicho, n.d.). However, it can also significantly improve the quality of academic services
due to the possibility of SIAk being an enabler for the implementation of the Tri Dharma of Higher
Education in Indonesia, especially for the ACADEMIC Function (Kelleher & O’Brien, 2001).
In order for SIAk to have a significant influence on the Academic Function, SIAk must be
managed with a maturity level that includes professional internal technical aspects to external non-
technical aspects, with reference to the COBIT IT Framework (Grover et al., n.d.)(Rebergen et al.,
2010) (Rebergen et al., 2010). The IT Framework, which is one of the Best Practices that is
increasingly recognized and popularly used internationally, has a successful methodology in
identifying, determining and mapping (control) various IT Processes that are carried out in managing
IT , including IT Process PO1 (Kettelhut & Schkade, 1991).
IT Process PO1 states that SIAk must be made based on the Long, Medium and Short term
Information Technology Development Strategic Plan (IT Plan). Then set indicators and control
objectives, in order to form an "enabler" IT (Roumegas, n.d.). From the results of this study, the
Maturity Level of 2, which is repeatable , indicates that Polytechnic Universities in Indonesia
generally already have an Academic Information System that is run based on certain Information
Technology Management although it is still integrated (become part) of the Polytechnic Development
Strategic Plan document. However, the IT Plan is not in accordance with COBIT Best Practices ,
0%
50%
100%
150%
200%
250%
Leadership awareness
of short term IT Plan
Leadership awareness
of long-range IT Plan
Leadership awareness
of the benefits of IT…
The IT Plan supports
the main goals of the…
Stakeholder concern
for IT Plan actors
Stakeholder
involvement in the…
Considering the factors
of IT Risk,…
Use of indicators
(metrics) to measure…
Leadership policies
follow IT…
Effectiveness of long
term teaching into…
Effectiveness of IT Plan
socialization and…
Leadership
commitment to…
SIAk development plan
in IT Plan
Realizing an E-Learning
System
DCO PO-01 SIAK Polytechnic Achievement Level
Rendra Trisyanto Surya, Syafrizal Ikram, Murhaban
Audit it Process Po-01 Academic Information System Higher Education
Polyteknik Using the Cobit Framework
e-ISSN 2774-5155
p-ISSN 2774-5147
because it has not been fully documented separately based on indicators and DCO so that it is easily
adapted to changes (Lennings et al., 2003).
Polytechnic Vocational Colleges in Indonesia, still separate SIAk from the strategic objectives
of the organization. Which means that the IT Plan for SIAK is only a complement (supporter). There
is a strong desire (Awareness) to make SIAk an enabler, due to the increasing existence of the E-
Learning System and anticipating the increasing dependence of Higher Education on IT (Mendes,
2013).
CONCLUSION
Nationally, the results of this study are expected to provide a more detailed and
comprehensive picture of how Information Technology Governance, especially the IT Plan for
Academic Information Systems in various campuses. However, to obtain more comprehensive results,
the sample data needs to be expanded to include clusters of Vocational Higher Education in other
cities in Indonesia. Another limitation of this research is that it is recommended to include public
universities outside of polytechnics (both public and private), so that the results of this study can
describe the condition of IT Governance for the IT Plan for SIAk which more comprehensively
describes the situation of academic information systems in Indonesia, not only polytechnics.
BIBLIOGRAPHY
Akbar, D., Mulia, S., Ningrum, W., & Syahputra, A. (2022). Audit Sistem Informasi Pengantaran
Barang Pada PT Samudera Arkan Nusantara Menggunakan Framework COBIT 4.1. Journal of
Digital Ecosystem for Natural Sustainability, 2(1), 34–38.
Belu, N., & Stirbu, L. (2006). Phases of implementation of ISO TS 16949: 2002 Quality Management
System. Proceedings of International Scientific Conference Modern Technologies, Quality,
Restructuring, TCMR–2006, 1231–1237.
Bergeron, F., & Raymond, L. (1992). The advantages of electronic data interchange. ACM SIGMIS
Database: The DATABASE for Advances in Information Systems, 23(4), 19–31.
Chatwarapitak, P. (2001). Purchasing system for 5Farms Company.
Fuada, S. (2019). Incident management of information technology in the indonesia higher education
based on COBIT framework: A review. EAI Endorsed Transactions on Energy Web, 6(21).
Grover, N., Soni, M. K., Ratih, I. G. A. D. S., Bayupati, I. P. A., Sukarsa, I. M., Broumi, S.,
Majumdar, P., Smarandache, F., Chandani, P., & Gupta, C. (n.d.). International Journal of
Information Engineering and Electronic Business (IJIEEB).
Kelleher, M., & O’Brien, S. (2001). An audit of admissions to an acute psychiatric unit. Irish Journal
of Psychological Medicine, 18(4), 132–136.
Kettelhut, M. C., & Schkade, L. L. (1991). Programmers, analysts and human service workers:
Cognitive styles and task implications for system design. Computers in Human Services, 8(2),
57–79.
Lennings, C. J., Copeland, J., & Howard, J. (2003). Substance use patterns of young offenders and
violent crime. Aggressive Behavior: Official Journal of the International Society for Research
on Aggression, 29(5), 414–422.
Mendes, F. F. (2013). A Method for Diagnosing Information Technology Governance Processes.
2013 46th Hawaii International Conference on System Sciences, 4395–4404.
Nicho, M. (n.d.). Operational Issues in Measurement Using COBIT.
Rebergen, D. S., Bruinvels, D. J., Bos, C. M., van der Beek, A. J., & van Mechelen, W. (2010).
Return to work and occupational physicians’ management of common mental health problems-
process evaluation of a randomized controlled trial. Scandinavian Journal of Work, Environment
& Health, 488–498.
Roumegas, L. (n.d.). Sustainable competitiveness for an aluminium foundry through an environmental
management system in the United Kingdom. Loughborough University.
Thompson, C. A. (1998). Quality: a multi-method exploration of the social construction of a
contested concept in the National Health Service. University of York.
Utami, G. R. (2015). Audit Tata Kelola Sistem dan Teknologi Informasi pada UPT Dinas Pendidikan
Kecamatan Panti Berdasarkan Standar COBIT 4.1. Universitas Muhammadiyah Jember.
