Afifah Trista Ayunda
Universitas Pradita, Tangerang, Banten, Indonesia

Published : 1 Documents Claim Missing Document
Claim Missing Document
Check
Articles

Found 1 Documents
Search

Evaluation of Information System Governance Using COBIT 4.1 and Index KAMI to Measure Maturity and Security Levels in Bank Maju Elianna Katherine Untoro; Afifah Trista Ayunda
Jurnal Ilmiah Sistem Informasi Vol 5 No 2 (2026): May: Jurnal Ilmiah Sistem Informasi
Publisher : LPPM Universitas Sains dan Teknologi Komputer

Show Abstract | Download Original | Original Source | Check in Google Scholar | DOI: 10.51903/rtwth195

Abstract

The development of information technology requires the banking sector to implement measurable IT governance and information security to ensure operational reliability and customer data protection. However, many financial institutions, including Bank Maju, do not yet have a comprehensive picture of the maturity of IT governance and information security in an integrated manner. This study aims to evaluate the maturity of information technology governance using the COBIT 4.1 framework and to assess information security readiness using the KAMI Index version 5.0. This study uses a case study method with a descriptive qualitative approach through document analysis, observation, and assessment of IT processes in four COBIT 4.1 domains: Plan and Organize, Acquire and Implement, Deliver and Support, and Monitor and Evaluate, and five main areas of the KAMI Index. The evaluation results show that Bank Maju’s IT governance maturity level is 3.58, or Level 3 (Defined Process), indicating that the process has been documented but not consistently and measurably implemented. The KAMI Index assessment shows information security readiness is in the Sufficient/Moderate category, with major weaknesses in risk management, asset management, and personal data protection. These findings indicate that weaknesses in IT governance directly impact the low effectiveness of risk management and information security. This research contributes to this by providing an integrated evaluation approach that links IT governance and information security readiness as a basis for formulating improvement recommendations in the banking sector.