ABSTRAK
Lusia Silvana Aji & Ivanna Asnur Muskananfola:
Skripsi
Analisa Pengelolaan Teknologi Informasi dengan Framework COBIT 4.0 di PT Coca Cola Bottling Indonesia Jawa Timur
Pengelolaan teknologi informasi di dalam perusahaan telah menjadi perhatian dunia industri sekarang. Teknologi informasi memainkan peran yang penting, karena persaingan yang ada menuntut keakuratan informasi perusahaan.
Teknologi informasi yang dimanfaatkan harus dikelola dengan baik dan optimal.
Salah satu guidelines pengelolaan teknologi informasi adalah COBIT 4.0 (Control Objectives for Information and Related Technology 4.0) yang terdiri dari 4 domain, yang kemudian dibagi menjadi 34 proses. Domain-domain tersebut adalah Plan and Organise (PO), Acquire and Implement (AI), Delivery and Support (DS) dan Monitor and Evaluate (ME). Melalui pemanfaatan COBIT 4.0 sebagai guideline pengelolaan teknologi informasi, akan dapat diketahui level pengelolaan teknologi informasi di dalam perusahaan berdasarkan maturity model yang ada.
PT Coca Cola Bottling Indonesia Jawa Timur menaruh perhatian yang besar di dalam pemanfaatan dan pengelolaan teknologi informasi. Berdasarkan hasil wawancara pada bagian IT perusahaan dengan panduan pertanyaan yang berasal dari maturity model yang ada, diketahui bahwa PT Coca Cola Bottling Indonesia Jawa Timur berada pada level 4,6 di dalam pengelolaan IT-nya. Nilai level tersebut menggambarkan kondisi perusahaan yang telah melakukan pengaturan dan pengukuran terhadap pengelolaan IT-nya dan mulai melakukan pengembangan di dalamnya.
Kata kunci:
Pengelolaan teknologi informasi, COBIT 4.0 dan Maturity Model.
ABSTRACT
Lusia Silvana Aji & Ivanna Asnur Muskananfola:
Thesis
Analysis of Information Technology Governance with Framework COBIT 4.0 at PT Coca Cola Bottling Indonesia Jawa Timur
Nowadays IT governance at organization becomes attention of world industry. IT is playing an important role, because the competition demands better accuracy in organization information. Therefore, IT that is used have to be managed optimally.
One of the guidelines of IT governance is COBIT 4.0 (Control Objectives for Information and Related Technology 4.0) which contains 4 domains, being devided into 34 processess. Those domains are Plan and Organise (PO), Acquire and Implement (AI), Delivery and Support (DS) and Monitor and Evaluate (ME). By the using of COBIT 4.0 as a guideline of IT Governance, the level of the IT governance in organization can be identified, based on the maturity models.
PT Coca Cola Bottling Indonesia Jawa Timur puts big attention in the usage and management of IT. Based on the interview with the section of IT in the organization that uses question guideline derived from the maturity models, PT Coca Cola Bottling Indonesia Jawa Timur were known on level 4.6 for IT governance. This mark describes the company had been managing and measuring the IT governance and start developing inside.
Key words:
IT Governance, COBIT 4.0 and Maturity Model.
DAFTAR ISI
HALAMAN JUDUL ... i
LEMBAR PENGESAHAN... ii
KATA PENGANTAR ... iii
UCAPAN TERIMA KASIH... iv
LEMBAR PERSETUJUAN PUBLIKASI KARYA ILMIAH ... vi
ABSTRAK ... viii
DAFTAR ISI ... x
DAFTAR TABEL ... xiii
DAFTAR GAMBAR... xiv
DAFTAR LAMPIRAN... xv
1. PENDAHULUAN... 1
1.1. Latar Belakang... 1
1.2. Perumusan Masalah ... 2
1.3. Tujuan ... 2
1.4. Ruang Lingkup ... 2
1.5. Sistematika Penulisan ... 2
2. TEORI DASAR ... 4
2.1. Pengelolaan Teknologi Informasi (IT Governance) ... 4
2.2. COBIT Framework Model ... 5
2.2.1. Plan and Organise (PO)... 8
2.2.2. Acquire and Implement (AI)... 9
2.2.3. Deliver and Support (DS) ... 9
2.2.4. Monitor and Evaluate (ME) ... 10
2.3. Process Oriented... 10
2.3.1. Domain Plan and Organise (PO) ... 10
2.3.2. Domain Acquire and Implement (AI) ... 11
2.3.3. Domain Deliver and Support (DS) ... 11
2.3.4. Domain Monitor and Evaluate (ME)... 12
2.4. Maturity Models... 12
3. METODOLOGI PENELITIAN... 15
3.1. Flowchart Metodologi Penelitian ... 15
xi
3.2. Data yang Diperlukan ... 16
3.3. Cara Pengambilan Data... 17
4. PEMBAHASAN ... 18
4.1. Profil Perusahaan ... 18
4.1.1. Sejarah Coca Cola di Dunia ... 18
4.1.2. Sejarah Coca Cola di Indonesia... 18
4.1.3. Misi Perusahaan Coca Cola Amatil Indonesia ... 19
4.1.4. Budaya Perusahaan ... 19
4.1.5. Struktur Organisasi Perusahaan... 21
4.1.6. PT Coca Cola Bottling Indonesia Jawa Timur ... 23
4.2. Pengelolaan IT di PT Coca Cola Bottling Indonesia Jawa Timur... 24
4.2.1. Companion Program... 25
4.2.2. Interfaces/ Data Lingkages ... 25
4.2.2.1. Data Interface antara Aplikasi pada PC... 26
4.2.2.2. Data interface antara PC dan AS/400 ... 26
4.2.3. Aspek Keamanan ... 27
4.2.3.1. System Access... 27
4.2.3.2. Integritas Data ... 27
4.2.3.3. Backup dan Perbaikan ... 28
4.2.4. Kebutuhan Personil... 28
4.2.5. Kebutuhan Hardware... 28
4.2.6. Data Komunikasi ... 29
4.2.7. Kekurangan dan Permasalahan Pengelolaan IT... 30
4.2.7.1. Penggunaan Sistem Baru ... 30
4.2.7.2. Keamanan dan Integritas Data ... 31
4.2.7.3. Remote/ Keterlambatan... 31
4.2.8. Keuntungan Penggunaan IT B4PC ... 31
4.2.9. Aplikasi Tambahan ... 31
4.3. Pengumpulan Data ... 32
4.4. Pengolahan dan Analisa Data ... 32
4.4.1. Plan and Organise (PO)... 33
4.4.1.1. PO 1 Define a Strategic IT Plan ... 33
4.4.1.2. PO 2 Define the Information Architecture ... 37
4.4.1.3. PO 3 Determine Technological Direction ... 42
4.4.1.4. PO 4 Define the IT Processes, Organisation and Relationship ... 47
4.4.1.5. PO 5 Manage the IT Investment... 52
4.4.1.6. PO 6 Communicate Management Aims and Direction... 55
4.4.1.7. PO 7 Manage IT Human Resources... 59
4.4.1.8. PO 8 Manage Quality... 65
4.4.1.9. PO 9 Asses and Manage IT Risks... 69
4.4.1.10. PO 10 Manage Projects... 73
4.4.2. Acquire and Implement (AI)... 78
4.4.2.1. AI 1 Identify Automated Solutions ... 78
xii
4.4.2.3. AI 3 Acquire and Maintain Technology
Infrastructure ... 87
4.4.2.4. AI 4 Enable Operation and Use ... 91
4.4.2.5. AI 5 Procure IT Resources ... 95
4.4.2.6. AI 6 Manage Changes... 98
4.4.2.7. AI 7 Install and Accredit Solutions and Changes... 101
4.4.3. Deliver and Support (DS) ... 106
4.4.3.1. DS 1 Define and Manage Service Levels ... 106
4.4.3.2. DS 2 Manage Thrid-Party Service... 110
4.4.3.3. DS 3 Manage Performance and Capacity... 113
4.4.3.4. DS 4 Ensure Continuous Service ... 119
4.4.3.5. DS 5 Ensure Systems Security ... 124
4.4.3.6. DS 6 Identify and Allocate Costs ... 129
4.4.3.7. DS7 Educate and Train Users ... 132
4.4.3.8. DS8 Manage Service Desk and Incidents... 137
4.4.3.9. DS9 Manage the Configuration... 142
4.4.3.10. DS10 Manage Problems... 146
4.4.3.11. DS11 Manage Data... 151
4.4.3.12. DS12 Manage the Physical Environment... 156
4.4.3.13. DS13 Manage Operations ... 161
4.4.4. Monitor and Evaluate (ME) ... 168
4.4.4.1. ME 1 Monitor and Evaluate IT Performance... 168
4.4.4.2. ME 2 Monitor and Evaluate Internal Control... 174
4.4.4.3. ME 3 Ensure Regulatory Compliance... 178
4.4.4.4. ME 4 Provide IT Governance... 183
5. KESIMPULAN... 189
DAFTAR REFERENSI... 190
LAMPIRAN ... 191
DAFTAR TABEL
2.1. Maturity Model secara Umum ... 14
4.1. Level Pengelolaan Teknologi Informasi Domain PO... 77
4.2. Level Pengelolaan Teknologi Informasi Domain AI... 105
4.3. Level Pengelolaan Teknologi Informasi Domain DS... 168
4.4. Level Pengelolaan Teknologi Informasi Domain ME ... 188
5.1. Level Pengelolaan Teknologi Informasi di PT Coca Cola Bottling Indonesia Jawa Timur Berdasarkan Framework COBIT 4.0 ... 189
DAFTAR GAMBAR
2.1. Area-Area Fokus Pengelolaan IT... 4
2.2. Prinsip Dasar COBIT ... 6
2.3. Framework COBIT ... 7
2.4. Framework COBIT secara Keseluruhan... 8
2.5. Representation of Maturity Models ... 13
3.1. Flowchart Metodologi Penelitian ... 15
4.1. Struktur Organisasi Perusahaan... 21
4.2. Struktur Organisasi Bussiness Service Manager ... 22
4.3. Interfaces/ Data Lingkages... 26
4.4. Diagram Data Komunikasi B4PC Jakarta-Bali-Semarang Operation... 29
4.5. Diagram Data Komunikasi B4PC Bali-Semarang Operation... 30
DAFTAR LAMPIRAN
1. Daftar Pertanyaan PO 1 Define a Strategic IT Plan ... 191
2. Daftar Pertanyaan PO 2 Define the Information Architecture... 193
3. Daftar Pertanyaan PO 3 Determine Technological Direction... 196
4. Daftar Pertanyaan PO 4 Define the IT Processes, Organisation and Relationship ... 198
5. Daftar Pertanyaan PO 5 Manage the IT Investment... 200
6. Daftar Pertanyaan PO 6 Communicate Management Aims and Direction . 202 7. Daftar Pertanyaan PO 7 Manage IT Human Resources... 205
8. Daftar Pertanyaan PO 8 Manage Quality... 207
9. Daftar Pertanyaan PO 9 Asses and Manage IT Risks... 209
10. Daftar Pertanyaan PO 10 Manage Projects... 211
11. Daftar Pertanyaan AI 1 Identify Automated Solutions ... 213
12. Daftar Pertanyaan AI 2 Acquire and Maintain Application Software ... 215
13. Daftar Pertanyaan AI 3 Acquire and Maintain Technology Infrastructure . 217 14. Daftar Pertanyaan AI 4 Enable Operation and Use ... 219
15. Daftar Pertanyaan AI 5 Procure IT Resources... 221
16. Daftar Pertanyaan AI 6 Manage Changes... 223
17. Daftar Pertanyaan AI 7 Install and Accredit Solutions and Changes... 225
18. Daftar Pertanyaan DS 1 Define and Manage Service Levels ... 227
19. Daftar Pertanyaan DS 2 Manage Thrid Party Service... 230
20. Daftar Pertanyaan DS 3 Manage Performance and Capacity... 232
21. Daftar Pertanyaan DS 4 Ensure Continuous Service... 234
xvi
23. Daftar Pertanyaan DS 6 Identify and Allocate Costs ... 238
24. Daftar Pertanyaan DS 7 Educate and Train Users ... 240
25. Daftar Pertanyaan DS 8 Manage Service Desk and Incidents ... 242
26. Daftar Pertanyaan DS 9 Manage the Configuration... 244
27. Daftar Pertanyaan DS 10 Manage Problems... 246
28. Daftar Pertanyaan DS 11 Manage Data... 248
29. Daftar Pertanyaan DS 12 Manage the Physical Environment... 250
30. Daftar Pertanyaan DS 13 Manage Operations ... 252
31. Daftar Pertanyaan ME 1 Monitor and Evaluate IT Performance... 254
32. Daftar Pertanyaan ME 2 Monitor and Evaluate Internal Control... 256
33. Daftar Pertanyaan ME 3 Ensure Regulatory Compliance ... 259
34. Daftar Pertanyaan ME 4 Provide IT Governance... 261
35. Pengolahan Data PO 1 Define a Strategic IT Plan... 263
36. Pengolahan Data PO 2 Define the Information Architecture ... 265
37. Pengolahan Data PO 3 Determine Technological Direction... 268
38. Pengolahan Data PO 4 Define the IT Processes, Organisation and Relationship ... 270
39. Pengolahan Data PO 5 Manage the IT Investment ... 273
40. Pengolahan Data PO 6 Communicate Management Aims and Direction .... 276
41. Pengolahan Data PO 7 Manage IT Human Resources ... 279
42. Pengolahan Data PO 8 Manage Quality ... 281
43. Pengolahan Data PO 9 Asses and Manage IT Risks ... 283
44. Pengolahan Data PO 10 Manage Projects ... 285
45. Pengolahan Data AI 1 Identify Automated Solutions... 287
xvii
46. Pengolahan Data AI 2 Acquire and Maintain Application Software... 289
47. Pengolahan Data AI 3 Acquire and Maintain Technology Infrastructure... 291
48. Pengolahan Data AI 4 Enable Operation and Use ... 293
49. Pengolahan Data AI 5 Procure IT Resources... 295
50. Pengolahan Data AI 6 Manage Changes ... 297
51. Pengolahan Data AI 7 Install and Accredit Solutions and Changes ... 299
52. Pengolahan Data DS 1 Define and Manage Service Levels... 301
53. Pengolahan Data DS 2 Manage Thrid-Party Service ... 303
54. Pengolahan Data DS 3 Manage Performance and Capacity ... 305
55. Pengolahan Data DS 4 Ensure Continuous Service... 307
56. Pengolahan Data DS 5 Ensure Systems Security... 309
57. Pengolahan Data DS 6 Identify and Allocate Costs... 312
58. Pengolahan Data DS 7 Educate and Train Users... 314
59. Pengolahan Data DS 8 Manage Service Desk and Incidents ... 316
60. Pengolahan Data DS 9 Manage the Configuration ... 318
61. Pengolahan Data DS 10 Manage Problems ... 320
62. Pengolahan Data DS 11 Manage Data ... 322
63. Pengolahan Data DS 12 Manage the Physical Environment ... 324
64. Pengolahan Data DS 13 Manage Operations... 326
65. Pengolahan Data ME 1 Monitor and Evaluate IT Performance ... 328
66. Pengolahan Data ME 2 Monitor and Evaluate Internal Control... 330
67. Pengolahan Data ME 3 Ensure Regulatory Compliance ... 333
68. Pengolahan Data ME 4 Provide IT Governance ... 335
