Assessment of IT Risk Management at the Faculty of Industrial Engineering, Telkom University, Utilizing the COBIT 2019 Framework's APO12 Domain with LAM INFOKOM Standards Mapping


  • Adinda Laras Ayu Telkom University
  • Muharman Lubis Telkom University
  • Lukman Abdurrahman Telkom University
  • Ikhlas Fuad Zamzami King Abdul Aziz University
  • Raied Ali Alqahtani Prince Sultan University
  • Rafian Ramadhani Telkom University



IT Risk Management, COBIT 2019, Framework Mapping


In the era of rapid technological development, Information Technology (IT) plays a critical role in the operational aspects of companies/organizations, including educational institutions like Telkom University. The proper implementation of IT can enhance system efficiency and integration within an institution. IT Governance aims to ensure that the measurement of effectiveness and efficiency within an agency aligns with its strategic goals. Telkom University, especially the Faculty of Industrial Engineering, is one of the educational institutions focusing on the development of Information Technology to ensure that the information systems and technologies used in academic activities are effective. COBIT 2019 is a framework developed by ISACA to organize and implement strategies in information management and governance with international standards. In this analysis, the focus is on the APO12 domain of COBIT 2019, which plays a role in IT risk management. The Faculty of Industrial Engineering also requires standardization with LAM-INFOKOM, an accreditation body that establishes standards for risk management in informatics and computer science. This research aims to map the standards of LAM-INFOKOM and COBIT 2019 to determine the capability level of Risk Management. Additionally, it aims to provide recommendations for potential improvements in three aspects: people, process, and technology. The expected outcome of this research is to enhance risk management at the Faculty of Industrial Engineering, Telkom University, to align with LAM-INFOKOM standards and the institution's vision and mission. The results of the IT Risk Management analysis using the COBIT 2019 framework can also serve as a structured approach for other universities in improving IT Governance.


Download data is not yet available.


P. L. Bowen, M. Y. D. Cheung, and F. H. Rohde, “Enhancing IT governance practices: A model and case study of an organization’s efforts,” Int. J. Account. Inf. Syst., vol. 8, no. 3, pp. 191–221, 2007, doi: 10.1016/j.accinf.2007.07.002.

B. Sarifah, “Analisis Dan Perancangan Proses Manajemen Sistem Kontrol Internal Ti Menggunakan Kerangka Kerja Cobit 2019 Di Pt Inti (Persero),” e-Proceeding Eng., vol. 7, no. 3, pp. 9635–9642, 2020.

P. N. Anastasia and L. H. Atrinawati, “Perancangan Tata Kelola Teknologi Informasi Menggunakan Framework Cobit 2019 Pada Hotel Xyz,” JSI J. Sist. Inf., vol. 12, no. 2, pp. 1–9, 2020, doi: 10.36706/jsi.v12i2.12329.

A. Safitri, I. Syafii, and K. Adi, “Measuring the Performance of Information System Governance using Framework COBIT 2019,” Int. J. Comput. Appl., vol. 174, no. 31, pp. 23–30, 2021, doi: 10.5120/ijca2021921253.

S. C. I. Simatupang and M. I. Fianty, “Assessment of Capability Levels and Improvement Recommendations Using COBIT 2019 for the IT Consulting Industry,” G-Tech J. Teknol. Terap., vol. 7, no. 4, pp. 1391–13400, 2023, doi: 10.33379/gtech.v7i4.3141.

M. S. Fauzi, M. Lubis, L. Abdurrahman, F. S. Lubis, and H. Fakhrurroja, “Optimizing IT Human Capital: Evaluating and Crafting an Innovative Management System with COBIT 2019,” ACM Int. Conf. Proceeding Ser., pp. 545–550, 2023, doi: 10.1145/3629378.3629445.

B. E. Sibarani, “The Influence of Curriculum Based on the Indonesian National Qualifications Framework (KKNI) on the Quality of Student Learning (Studies on Students at the State University of Medan),” APTISI Trans. Technopreneursh., vol. 3, no. 2, pp. 171–180, 2021, doi: 10.34306/att.v3i2.179.

M. Spremić, “IT governance mechanisms in managing IT business value,” WSEAS Trans. Inf. Sci. Appl., vol. 6, no. 6, pp. 906–915, 2009.

A. Safitri, I. Syafii, and K. Adi, “Identifikasi Level Pengelolaan Tata Kelola SIPERUMKIM Kota Salatiga berdasarkan COBIT 2019,” J. RESTI (Rekayasa Sist. dan Teknol. Informasi), vol. 5, no. 3, pp. 429–438, 2021, doi: 10.29207/resti.v5i3.3060.

S. C. Putra and A. F. Wijaya, “Analysis of Information Technology Governance Using COBIT 2019 Framework (Case study: PT. Bangkit Anugerah Bersama),” J. Inf. Syst. Informatics, vol. 4, no. 4, pp. 1135–1151, 2022, doi: 10.51519/journalisi.v4i4.401.

F. Shafa Salsabila Khansa1*, Della Novia Ramadhan2, Ahmad Fadil Alfarisy3, “Perkembangan Evaluasi Tata Kelola Teknologi Informasi: Literature Review,” J. Comput. Sci. Eng., vol. 3, no. 2, pp. 60–70, 2022, doi: e-ISSN 2721-0251.

S. Palutturi, L. M. Saleh, M. Rachmat, J. A. Malek, and E. W. Nam, “Principles and strategies for aisles communities empowerment in creating Makassar Healthy City, Indonesia,” Gac. Sanit., vol. 35, pp. S46–S48, 2021, doi: 10.1016/j.gaceta.2020.12.013.

D. I. N. Afra, M. C. Rahmadan, D. I. Sensuse, S. Lusa, N. Safitri, and D. Elisabeth, “The Influence of Organizational Culture on Knowledge Management in Government Institution: A Systematic Literature Review,” in 2021 International Conference on Computer Science and Engineering (IC2SE), 2021, vol. 1, pp. 1–8, doi: 10.1109/IC2SE52832.2021.9792120.

A. Rubhasy and I. Maliki, “Rancangan Model Tata Kelola Teknologi Informasi pada Institusi Pendidikan Tinggi Menggunakan Pendekatan COBIT 5, ISO/IEC 38500, dan ITG4U,” pp. 1–12, 2018.

J. S. A. Rajjani, B. T. Hanggara, and Y. T. Musityo, “Evaluasi Manajemen Risiko Teknologi Informasi pada Department of ICT PT Semen Indonesia (Perseo) Tbk menggunakan Framework COBIT 2019 dengan …,” … Teknol. Inf. dan Ilmu …, vol. 5, no. 5, pp. 1734–1744, 2019, [Online]. Available:

E. Nachrowi, Yani Nurhadryani, and Heru Sukoco, “Evaluation of Governance and Management of Information Technology Services Using Cobit 2019 and ITIL 4,” J. RESTI (Rekayasa Sist. dan Teknol. Informasi), vol. 4, no. 4, pp. 764–774, 2020, doi: 10.29207/resti.v4i4.2265.

R. Anugrah, E. Utami, and A. H. Muhammad, “Analisis Manajemen Risiko TI Pada Perguruan Tinggi XYZ Berbasis COBIT 2019 Dengan Pertimbangan Domain APO12,” J. Ilm. Univ. Batanghari Jambi, vol. 22, no. 2, p. 991, 2022, doi: 10.33087/jiubj.v22i2.2175.

Z. Munawwaroh, “Analisis Manajemen Risiko Pada Pelaksanaan Program Pendidikan Dalam Upaya Meningkatkan Mutu Pendidikan,” J. Adm. Pendidik., vol. 14, no. 2, pp. 71–79, 2017, doi: 10.17509/jap.v24i2.8295.

S. Sugiyanto and A. A. Rahayu, “the Implementation of Risk Management and Its Effect on Good Cooperative Governance and Success,” J. Indones. Econ. Bus., vol. 33, no. 3, p. 243, 2019, doi: 10.22146/jieb.28570.

C. Septiawan and E. Sujana, “Model Sistem Manajemen Risiko Pada Perguruan Tinggi Kesehatan Swasta Di Indonesia (Studi Kasus Di Stikes Indonesia Maju),” Proceeding Semin. Nas. …, vol. 5, no. 1, pp. 63–81, 2020, [Online]. Available:

J. B. Soriano et al., “Prevalence and attributable health burden of chronic respiratory diseases, 1990–2017: a systematic analysis for the Global Burden of Disease Study 2017,” Lancet Respir. Med., vol. 8, no. 6, pp. 585–596, 2020, doi: 10.1016/S2213-2600(20)30105-3.

R. Yasirandi, A. Rakhmatsyah, and F. Kurniawan, “IT Risk Management dalam Operasional untuk Peningkatan Layanan Informasi Pesanan,” Krea-TIF, vol. 9, no. 2, p. 21, 2021, doi: 10.32832/kreatif.v9i2.5982.

A. R. Lubis, M. Lubis and C. D. Azhar, “The Effect of Social Media to the Sustainability of Short Message Service (SMS) and Phone Call,” Procedia Computer Science 161, 687-695 2020. DOI: 10.1016/j.procs.2019.11.172.

M. Lubis, R. C. Annisyah and L. Winiyanti, “ITSM Analysis using ITIL V3 in Service Operation in PT. Inovasi Tjaraka Buana,” IOP Conference Series: Materials Science and Engineering 847 2020. DOI: 10.1088/1757-899X/847/1/012077.

I. W. Wulandari, M. Lubis, W. Witjaksono and A. H. Azizah, "Implementation of Enterprise Resource Planning (ERP) using Integrated Model of Extended Technology Acceptance Model (TAM) 2: Case Study of PT. Toyota Astra Motor," Int. Conf. on Cyber and IT Service Management (CITSM) 2019. DOI: 10.1109/CITSM47753.2019.8965342.

S. J. Prasetyo, M. Lubis, R. W. Witjaksono and A. H. Azizah, “Critical Failure Factors in Enterprise Resource Planning (ERP) Implementation: Case Study of PT. Toyota Astra,” Int. Conf. on Informatics and Computing (ICIC) 2019. DOI: 10.1109/ICIC47613.2019.8985720.

A. D. Putri, M. Lubis and A. H. Azizah, “Analysis of Critical Success Factors (CSF) in Enterprise Resource Planning (ERP) Implementation using Extended Technology Acceptance Model (TAM) at Trading and Distribution Company,” Int. Conf. on Electrical, Telec. and Com. Engineering (ELTICOM) 2020. DOI: 10.1109/ELTICOM50775.2020.9230527.




How to Cite

Ayu, A. L., Lubis, M., Abdurrahman, L., Zamzami, I. F., Alqahtani, R. A., & Ramadhani, R. (2024). Assessment of IT Risk Management at the Faculty of Industrial Engineering, Telkom University, Utilizing the COBIT 2019 Framework’s APO12 Domain with LAM INFOKOM Standards Mapping. Electronic Integrated Computer Algorithm Journal, 1(2), 50–56.

Most read articles by the same author(s)