ANALYSIS AND DESIGN OF IT GOVERNANCE FOR DIGITAL BANKING USING COBIT 2019 FRAMEWORK: A CASE STUDY OF PT XYZ

Abstract

Industrial revolutions and developments in ICT have shifted business activities, including banking, driving demand for digital financial services. However, this development comes with threats. In 2024, an IT incident at XYZ Bank revealed underdeveloped IT governance condition which led to a formal reprimand from OJK. Based on these concerns, this research will analyze the existing IT governance of XYZ Bank and design improved IT governance policies to enhance regulatory compliance, mitigate risks, and support business requirements. The research conducts an assessment and designs improvement using the COBIT 2019 and ISO 27001:2022 frameworks, focusing on prioritized processes identified through mapping against OJK regulations. The analysis is limited to high-priority processes which are EDM01, EDM03, APO01, APO02, APO10, APO12, DSS04, and DSS05. This research provides recommendations for improving IT governance processes capability levels to help XYZ Bank meet regulatory requirements and support the organization’s objective.