Risk Management Evaluation in Hospital Management Information Systems Using Framework COBIT 2019 - Case Study: Ernaldi Bahar South Sumatera Hospital

Hilditia Cici Triska Amirta, Muhammad Ihsan Jambak, Pacu Putra Suarli, Yadi Utama, Ari Wedhasmara, Putri Eka Sevtiyuni

Abstract

Hospital Management Information System (SIMRS) is a system to assist service performance, reporting and data retrieval at hospitals that have been required by the government to be implemented in all hospitals in Indonesia. The existence of SIMRS is certainly an inseparable part of the service process and hospital data management, but it can also cause various IT risks to arise. Therefore, a good risk management is needed to minimize any possible IT risks that have not or have occurred. The performance of an IT risk management can be indicated from its capability levels. This study aims to determine how high the capability levels and the gap value from each process of the IT risk management at Ernaldi Bahar Hospital. The framework used as a reference in the assessment of the risk management process is COBIT 2019 which has 3 stages, namely the mapping process, capability level assessment, and conclusions. This study resulted in the value of capabilities in each process in IT risk management, the gap value, and recommendations for improvement that can be applied to SIMRS Ernaldi Bahar. The results of the measurement of the IT risk management capability of SIMRS Ernaldi Bahar in the EDM03 and DSS03 processes are at level 3, while the APO12 and DSS05 processes are at level 1. The gap values for the EDM03 and DSS03 processes is 1 level, while the gap values for the APO12 and DSS05 processes are 3 levels. Process improvement recommendations refer to COBIT 2019 best practices.

Full Text:

PDF

References

M. Adhisyanda Aditya, R. Dicky Mulyana, A. Mulyawan, S. LIKMI Bandung, and S. Mardira Indonesia, “PERBANDINGAN COBIT 2019 DAN ITIL V4 SEBAGAI PANDUAN TATA KELOLA DAN MANAGEMENT IT,” J. Comput. Bisnis, vol. 13, no. 2, pp. 100–105, 2019.

D. Steuperaert, “Cobit 2019: a Significant Update,” Edpacs, vol. 59, no. 1, pp. 14–18, 2019, doi: 10.1080/07366981.2019.1578474.

ISACA, COBIT 2019 Governance and Management Objectives (ISACA). 2019.

ISACA, COBIT 2019 Framework Introduction and methodology. 2019. [Online]. Available: https://community.mis.temple.edu/mis5203sec001sp2019/files/2019/01/COBIT-2019-Framework-Introduction-and-Methodology_res_eng_1118.pdf

ISACA, Designing an Information and Technology Governance Solution. 2018.

ISACA, “Defining Target Capability Levels in COBIT 2019: A Proposal for Refinement,” 2019, [Online]. Available: https://www.isaca.org/resources/news-and-trends/industry-news/2019/defining-target-capability-levels-in-cobit-2019-a-proposal-for-refinement

E. Nachrowi, Yani Nurhadryani, and Heru Sukoco, “Evaluation of Governance and Management of Information Technology Services Using Cobit 2019 and ITIL 4,” J. RESTI (Rekayasa Sist. dan Teknol. Informasi), vol. 4, no. 4, pp. 764–774, 2020, doi: 10.29207/resti.v4i4.2265.

V. Kasma Septiyana, S. Sutikno, and K. Surendro, “Design of e-Government Security Governance System Using COBIT 2019,” IEEE Xplore, vol. 2019, pp. 1–6, 2020, [Online]. Available: https://ieeexplore.ieee.org/document/8969808

DOI: https://doi.org/10.36706/sjia.v4i1.52

Refbacks

  • There are currently no refbacks.