Professional Documents
Culture Documents
Keywords: COBIT framework, strategic plan, maturity level, assessment and IT governance
weakness, opportunities, and threats (SWOT) and to utilizing of I&T (Wijayanti et al., 2017; Katili et al.,
improve the quality of IT-related services. By this, the 2019).
organization can prioritize and optimize operational
activities. Information technology (IT) governance is COBIT Framework
associates by process and structure in controlling and
achieving goals through balancing resources and risks COBIT or otherwise known as Control Objectives for
and benefits of I&T processes (Sihotang et al., 2019). Information and Related Technology is an IT
Governance framework for small and large size of
Research Objectives non-profit organizations, entities, industry, & public
and private sectors to develop, organize, monitor,
Prior to several literature, the governance of IT is an controlling, maintaining risks and security, and
integral part of governance to ensure the alignment of implement strategies to improve procedures and
IT to support the objectives, goals, and strategies based provides a reliable information system (White, 2019;
on the specific strategic planning of the organization Hanna, 2021). The framework was developed by
(Silva & Neto, 2014). The paper objective is to ISACA known as the Information Systems Audit and
determine the level of the information technology (IT) Control Association year 1996. This framework's
governance of MSU-Maguindanao. Specifically, the purpose is to bridge the critical gap between IT-related
study aims to assess the current and expected maturity issues and business risks (Hanna, 2021) and also to
level of the university that relates to financial navigate the expansion of IT domains (White, 2019).
management focus area based on COBIT 5 framework According to Chrissy (2019), ISACA released the first
and Information Technology (INFO-TECH) Research version of COBIT in 1996, and different COBIT
Group. More so, the paper wants to grasp the gap on version followed. Due to the need for IT reliability and
the identified processes in based on COBIT 5. feedback from users, COBIT 2019 was the latest
iteration framework of technology within the business.
Further, the focus of this paper is limited to the More so, according to D-ICT solution, COBIT 2019 is
assessment of maturity level of IT Governance in an IT governance framework that provides directions
associates to financial management focus area, with a for IT enterprises and professionals to acquire better
particular emphasis on the COBIT 5 framework outcomes by enhancing their governance management,
processes, namely: EDM02 (Ensure Benefits compliances practices, and security and risk control.
Delivery), EDM04 (Ensure Resource Optimization),
APO06 (Manage Budget Costs), and APO10 (Vendor The paper will applied framework based in COBIT 5.
Management). Considering the framework practice in relation to IT
governance would provide I&T processes to measure
and assess the university performance particularly in
Literature Review financial management area. With framework, table 1
shows the identified processes with sub-process under
This section includes the information technology (IT) the following domain namely: EDM (Evaluate, Direct,
governance, COBIT framework, and the information and Monitor) and APO (Align, Plan, and Organise).
system strategic plan (ISSP) established by the According to ISACA organization, EDM is a domain
university. under governance objectives layer of COBIT core
model. EDM contained five (5) processes namely:
IT Governance EDM01 (Ensured Governance Framework Setting and
Maintenance), EDM02 (Ensure Benefits Delivery),
According to ISO/IEC 38500:2015, IT Governance EDM03 (Ensured Risk Optimization), EDM04
applied to various organizations (i.e., non-for-profit (Ensured Resource Optimization), EDM05 (Ensured
organizations, public sectors, or private entities) Stakeholder Engagement). On the other hand, APO is
despite the size and regardless of the degree of their IT another domain under management objectives layer of
utilization. Along these line, IT governance is a framework core model. APO included fourteen (14)
framework that provides a structure for entities to align processes namely: APO01 ( Managed I&T
IT strategy to business strategy (Lindros, 2017). It Management Framework), APO02 (Managed
gives methods to assess and determine IT performance Strategy), APO03 (Managed Enterprises Architecture,
and how it connects to organization development (ISO, APO04 (Managed Innovation), APO05 (Managed
2015). IT governance is identify by decision rights and Portfolio), APO06 ( Managed Budget and Costs),
implementation of accountable framework to APO07 (Managed Human Resources), APO08
encourage and increase the desirable condition in (Managed Relationships), APO09 ( Managed Service
Methodology
Ching, M., Fabito, B., and Celis, N., Data Privacy Act of 2012: A
Case Study Approach to Philippine Government Agencies
Compliance, Advanced Science Letters, Volume 24, Number 10,
The use of Microsoft Excel 2013 to tabulate and October 2018, pp. 7042-7046(5).
calculate the average value of the process EDM02 ()
involving the sub-process EDM02.01+ EDM02.02 + Department of Information and Communications Technology
(DICT) Organization, Republic Act No. 10844, Available:
EDM02.03 divided by total sub-process = (2 + 1.43 + https://dict.gov.ph/about-us/republic-act-no-10844/, n.d.
1.40) / 3 = 1.61, the same mathematical calculation is
done for process EDM04, APO06, and APO10. D-ICT (Detachering Interim management Consultancy Training)
Solution, What you need to know about the COBIT 2019
Further, the use of a radar graph, as shown in figure 2
framework, Available:
was made under the EdrawMax application. https://dictsolutions.com/en/cobit-2019-framework/, n.d.
Sihotang, H., Zarlis, M., Efendi, S., Jollyta, D., and Husain