7. Definisi (3)
• Specifying the decision rights and accountability
framework to encourage desirable behavior in using IT
(Peter Weill & Jeanne W Ross – MIT, 2004).
• The system by which the current and future use of ICT is
directed and controlled. It involves evaluating and
directing the plans for the use of ICT to support the
organization and monitoring this use to achieve plans. It
includes the strategy and policies for using ICT
within an organization (Australian Standard on
Corporate Governance of ICT, 2005).
16. Mengapa dibutuhkan framework?
Sisi Konseptual.
Agar pemahaman menyeluruh.
Menentukan arah.
Menjamin keteraturan.
17. IT Governance Frameworks
IT Governance: Reviewing 17 IT Governance Tools and Analysing, Michael Holm Larsen,
Proceedings of the 39th Hawaii International Conference on System Sciences - 2006
26. COBIT 4.1 & IT Governance
IT GOVERNANCE
Planning & Organisation Acquire & Implement Deliver & Support Monitor & Evaluate
PO1 Define a Strategic IT Plan AI1 Identify Automated DS1 Define and Manage
ME1 Monitor and Evaluate
PO2 Define the Information Solutions Service Levels
IT Performance
Architecture AI2 Acquire and Maintain DS2 Manage Third-party
ME2 Monitor and Evaluate
PO3 Determine Technological Application Software Services
Internal Control
Direction AI3 Acquire and Maintain DS3 Manage Performance
ME3 Ensure Compliance
PO4 Define the IT Processes, Technology Infrastructure and Capacity
With External Requirements
Organisation and Relationships AI4 Enable Operation and Use DS4 Ensure Continuous Service
ME4 Provide IT Governance
PO5 Manage the IT Investment AI5 Procure IT Resources DS5 Ensure Systems Security
PO6 Communicate AI6 Manage Changes DS6 Identify and Allocate Costs
Management Aims and AI7 Install and Accredit DS7 Educate and Train Users
Direction Solutions and Changes DS8 Manage Service Desk and
PO7 Manage IT Human Incidents
Resources DS9 Manage the Configuration
PO8 Manage Quality DS10 Manage Problems
PO9 Assess and Manage DS11 Manage Data
IT Risks DS12 Manage the Physical
PO10 Manage Projects Environment
DS13 Manage Operations
41. Maturity Models
Non-
existent Initial Repeatable Defined Managed Optimised
0 1 2 3 4 5
Legend for symbols used Legend for rankings used
Enterprise current status 0 - Management processes are not applied at all
1 - Processes are ad hoc and disorganised
International standard guidelines 2 - Processes follow a regular pattern
3 - Processes are documented and communicated
Industry best practice 4 - Processes are monitored and measured
5 - Best practices are followed and automated
Enterprise strategy