Determine The Level of Information Technology Risk to Optimization Capability Services Organization Using Cobit 5 In Indonesia

Abstract

Today's information technology (IT) has become a fundamental requirement for every organization and it is not uncommon today for an organization to have a high dependence on the use of IT. Information technology services in an organization must be well managed, so that IT use can be minimized and IT use can help achieve the main goals of the organization. The identification of information technology services and catalogs in the organization is one of the domains that exist in IT governance based on the COBIT 5 process.This process aims to ensure that what services the organization relates to the use of IT does not exceed tolerances, the impact of the use of IT that can be used. identified and the potential for failure can be minimized. The identification of information technology catalog services is in the governance domain, namely APO09 which consists of five sub processes namely APO09.01 (Identify IT Service), APO09.02 (Catalog IT Enabled Services), APO09.03 (Define and Prepare Service Agreements), APO09 .04 (Monitor and Report Service Levels), and APO09.05 (Review Service Agreement and Contract). Identification of information technology catalog services in the organization should be assessed to find out how the level of process capability is carried out by the organization and assist the organization in preparing corrective steps to increase the capability level. The process capability assessment model is designed to determine the level of IT risk optimization capability which consists of several capability levels starting from level 1 to level 5.