Determining evaluated domain process through problem identification using COBIT 5 framework

摘要

Problem identification is a way to determine what domains will be the focus discussed in a study. Some researchers have used the method to fit the goals of a company. This paper aims to identify problems based on COBIT 5. Methodology used: 1. Gather information from stakeholders to get issues to be evaluated, 2. Mapping company's objectives to obtain IT related goals, 3. Mapping IT related goal to define the process, 4. Merging enterprise goal and IT related goal to obtain process with P (primary) or S (secondary) scale, 5. Determining primary and secondary domain to be evaluated based on stakeholdersneed. Based on the results of detailed evaluation in the results show that the main problems are: related to the awareness of the employees to information security, regulation/policy, and IT human resources, so that the results of the identification of the problem domain should be studied in depth is EDM03 (Ensure Risk Optimization), APO01 (Manage the IT Management Framework), MEA01 (Monitor, Evaluate and Assess Performance and Conformance), and MEA02 (Monitor, Evaluate, and Assess the System of internal Control). While 10 other processes have secondary priority process.