Analisis Analysis of IT Risk Management Using COBIT 5 Domain APO12 at XYZ Automotive Company in Palembang

Authors

  • Meilinda Meilinda Universitas Katolik Musi Charitas
  • Nevin Julian Masidin Universitas Katolik Musi Charitas
  • Agustio Dwitama Universitas Katolik Musi Charitas
  • Sri Andayani Universitas Katolik Musi Charitas https://orcid.org/0009-0000-3296-5550

DOI:

https://doi.org/10.32524/jusitik.v8i2.1360

Keywords:

Information Technology, Risk Management, Audit SI/TI, COBIT 5

Abstract

This research discusses Information Technology (IT) risk management at XYZ Company in Palembang, which operates in the automotive sector, using the COBIT 5 framework, specifically in the APO12 (Risk Management) domain. IT audits are conducted periodically to identify, assess, and manage IT risks that could potentially affect the company's business continuity. The research method applied includes interviews with the ICT (Information and Communication Technology) Manager, as well as several stages such as data collection, risk analysis, maintenance of risk profiles, risk communication, portfolio identification, and risk response. The findings reveal that the company faces various IT risks, including threats from environmental factors, human errors, and disruptions to systems and infrastructure. Based on the capability assessment, the company’s current condition (As-is) is at level 3 (Established Process), indicating that the risk management process is functioning well, though there is still room for improvement. The company aims to improve to level 5 (Optimizing Process), where risk management can be applied more comprehensively and sustainably. This research is expected to provide recommendations and controls to strengthen IT risk management, including improving IT Governance controls. By implementing more effective risk management, the company can minimize potential risks to IT continuity, enhance operational stability, and ensure efficiency in supporting its business continuity, thereby achieving excellence in the company.

Published

2025-07-02

Most read articles by the same author(s)