<![CDATA[Consumer behavior changes, the rapid digital innovation pace among competitors, and regulatory directives have compelled incumbent companies to accelerate digital transformation (DT) efforts. Previous research has successfully identified the influence of information technology governance (ITG) on organizational performance (OP), fully mediated by DT. However, a deeper understanding of the design of information security management mechanisms to guide the DT journey is still necessary. This study employs the Design Science Research (DSR) approach, based on the latest ISACA framework, COBIT 2019 Information Security Focus Area. A case study is conducted at BankCo, with data collection through interviews and document triangulation. Solution design and implementation roadmaps are based on gaps identified from the assessment of the three BankCo priorities: DSS05 Managed Security Services, APO13 Managed Security, and BAI06 Managed IT Changes. This research contributes to the knowledge base of information security management in DT and is particularly practical for guiding BankCo's DT journey, as well as benefiting the broader industry.Keywords: Digital Transformation; IT Governance and Management; COBIT 2019 Information Security; Design Science Research; Bank. AbstrakPerubahan perilaku konsumen, kecepatan inovasi digital kompetitor, dan arahan regulasi telah memaksa perusahaan incumbent untuk percepatan transformasi digital (TD). Penelitian sebelumnya berhasil mengidentifikasi pengaruh tata kelola TI (TKTI) terhadap kinerja organisasi (KO), dimediasi penuh oleh TD. Namun masih diperlukan pendalaman mengenai rancangan mekanisme pengelolaan keamanan informasi untuk mengawal perjalanan TD. Penelitian ini menggunakan pendekatan Design Science Research (DSR) berbasis kerangka kerja terkini dari ISACA yaitu COBIT 2019 Information Security Focus Area. Studi kasus dilakukan di BankCo, dengan pengumpulan data melalui wawancara dan triangulasi dokumen. Perancangan solusi dan roadmap implementasi dilakukan berdasarkan kesenjangan yang didapatkan dari hasil penilaian tujuh komponen pada ketiga prioritas BankCo yaitu DSS05 Managed Security Services, APO13 Managed Security, dan BAI06 Managed IT Changes. Penelitian ini berkontribusi terhadap basis pengetahuan mengenai pengelolaan keamanan informasi pada DT, serta secara praktis khususnya bermanfaat bagi BankCo untuk mengawal perjalanan TD-nya, dan umumnya bagi industri terkait. ]]>
Copyrights © 2023
