Governansi TI dan Infrastruktur Teknologi Informasi

Questions and Answers

Siapa pemilik dari strategi TI dalam organisasi?

Manajer IT

CEO

CIO dan komite pengarah (correct)

Tim Eksekutif

Apa saja kegiatan khas yang dilakukan dalam IT Governance?

Pengelolaan data dan dukungan teknis

Manajemen operasi dan program

Perencanaan anggaran dan otorisasi pengeluaran teknologi (correct)

Strategi perolehan dan ekspansi geografis

Apa tujuan dari kerangka kerja COBIT?

Menetapkan aturan penggunaan perangkat lunak

Mengelola semua teknologi dan proses informasi untuk mencapai tujuan organisasi (correct)

Mengembangkan aplikasi baru untuk bisnis

Mengatur pengeluaran teknologi perusahaan

Siapa yang berperan dalam menetapkan arah strategi bisnis?

Eksekutif Senior

Apa yang termasuk dalam aktivitas strategis TI selama 3-5 tahun ke depan?

Strategi aplikasi, data, dan infrastruktur

Apa pengertian utama dari IT Governance?

Kapabilitas organisasi untuk mengontrol implementasi strategi TI.

Siapa yang bertanggung jawab terhadap IT Governance dalam organisasi?

Manajemen Eksekutif dan Dewan Direksi.

Apa saja pilar utama dari IT Governance?

Organisasi, proses, dan teknologi.

Mengapa organisasi memerlukan IT Governance?

Untuk memastikan bahwa TI mendukung strategi dan tujuan organisasi.

Apa yang dimaksud dengan COBIT dalam konteks IT Governance?

Framework untuk pengelolaan dan pengendalian TI.

Apa yang menghubungkan infrastruktur TI dengan sumber daya eksternal?

Infrastruktur publik.

Mengapa keterlibatan Dewan Direksi penting dalam IT Governance?

Untuk menetapkan keputusan strategis dan kebijakan TI.

Apa yang menjadi alasan utama perlunya IT Governance dalam organisasi saat ini?

IT telah menjadi bagian penting dalam mengelola aset tidak berwujud.

Bagaimana peran IT dalam pengembangan strategi organisasi?

IT menjadi faktor penting untuk diferensiasi dan keunggulan kompetitif.

Apa yang menunjukkan perubahan peran departemen IT dalam organisasi modern?

IT sekarang dilihat sebagai mitra strategis.

Apa risiko yang dihadapi organisasi karena ketergantungan yang tinggi pada IT?

Kesalahan, kelalaian, dan penipuan.

Apa yang dimaksud dengan aset intelektual dalam konteks IT Governance?

Karya, layanan, dan hak cipta yang dimiliki.

Apa perbedaan utama antara pandangan IT sebagai penyedia layanan dan IT sebagai mitra strategis?

IT sebagai penyedia layanan berfokus pada efisiensi dan tidak terhubung dengan bisnis.

Mengapa pengelolaan aset keuangan penting dalam IT Governance?

Karena pengelolaan yang baik dapat meningkatkan cash flow dan investasi.

Apa yang menjadi fokus utama dari IT dalam konteks pertumbuhan bisnis?

Meningkatkan kualitas dan kuantitas barang dan layanan.

Apa yang dianggap sebagai keuntungan dari IT dalam lingkungan bisnis yang dinamis?

IT meningkatkan komunikasi dan kolaborasi dengan pemangku kepentingan.

Apa yang dimaksud dengan manajemen IT dalam konteks tata kelola IT?

Fokus pada penyediaan layanan IT dan produk secara efisien

Apa manfaat utama dari tata kelola IT?

Peningkatan keselarasan antara strategi bisnis dan IT

Apa peran dari dewan direksi dalam tata kelola IT?

Mengambil keputusan strategis terkait TI

Apa perbedaan utama antara tata kelola IT dan manajemen IT?

Tata kelola IT mencakup aspek transformasi dan perubahan

Salah satu dari berikut ini bukan merupakan tujuan dari tata kelola IT?

Meningkatkan risiko pengelolaan

Apa yang dimaksud dengan 'komunikasi yang lebih baik' dalam konteks tata kelola IT?

Mengoptimalkan alur komunikasi antara IT dan bisnis

Peningkatan efisiensi dan dukungan untuk perubahan adalah manfaat dari?

Tata kelola IT

Apa yang seharusnya diperhatikan dalam manajemen sumber daya IT?

Optimasi investasi dalam sumber daya IT penting

Mengapa tata kelola IT penting bagi organisasi?

Untuk memastikan pemanfaatan sumber daya yang efisien

Apa yang dimaksud dengan 'manfaat fleksibilitas bisnis' dalam tata kelola IT?

Kemampuan untuk menyesuaikan strategi dengan cepat

Apa yang terjadi jika tidak ada tata kelola TI yang efektif dalam sebuah organisasi?

Aset TI tidak akan memberikan keuntungan strategis.

Apa fokus utama dari tata kelola TI?

Menghubungkan rencana bisnis dengan rencana TI.

Apa yang menjadi tantangan dalam pengukuran kinerja tata kelola TI?

Memastikan bahwa nilai yang dijanjikan ditunjukkan selama siklus pengiriman.

Mengapa pemahaman tentang risiko penting dalam tata kelola TI?

Untuk memberikan transparansi tentang risiko signifikan.

Apa tujuan dari pengiriman nilai dalam tata kelola TI?

Menjamin bahwa TI memberikan manfaat yang dijanjikan.

Salah satu tanggung jawab utama tata kelola TI adalah:

Menyelaraskan operasi TI dengan operasi organisasi.

Apa yang menjadi salah satu pilar tata kelola TI?

Manajemen risiko yang jelas dan pemahaman yang mendalam.

Apa yang perlu dilakukan untuk mengoptimalkan biaya TI?

Berkonsentrasi pada pembuktian nilai intrinsik dari TI.

Apa yang dimaksud dengan 'tata kelola TI' menurut COBIT?

Sistem yang memastikan TI memberikan nilai bagi bisnis dan memitigasi risiko.

Dalam konteks tata kelola TI, apa arti dari 'pengukuran kinerja'?

Tindakan untuk memastikan bahwa tujuan strategis dicapai.

Study Notes

IT Governance and Information Technology Infrastructure

• The topic is IT Governance and Information Technology Infrastructure.
• The presenter is Aryo Pinandito, ST, M.MT, Ph.D.
• The learning outcomes include explaining why organizations need IT governance, understanding the function and key IT resources, understanding the three pillars of IT governance (organization, process, and technology), and knowing COBIT as a governance framework.
• IT governance is the responsibility of executives and the board of directors. It involves leadership, organizational structures, and processes to ensure the enterprise's IT sustains and extends the organization's strategy and objectives.
• IT governance specifies decision rights and accountability frameworks to encourage desirable IT use behavior.
• IT governance is the organizational capacity exercised by the board, executive management, and IT management to control the formulation and implementation of IT strategy, ensuring the fusion of business and IT.
• IT governance is an integral part of enterprise governance.
• IT governance focuses on achieving the link between business and IT, and the primary responsibility of the board.
• Information Technology (IT) Governance is the responsibility of Executive Management and the board of directors (BOD) and is a strong representation of the "tone from the top".
• Many BODs now have an "IT Committee".
• The new infrastructure includes Local IT for Business, Firm Information Technology (combined with public infrastructure, such as customer databases and email), and Public Infrastructure (linking the firm to external industry infrastructures like the internet and EDI networks).

Why IT Governance?

• Information technology (IT) is pervasive in current dynamic and often turbulent business environments.
• In the past, business executives could delegate, ignore, or avoid IT decisions, but this is no longer possible in most sectors and industries.
• Organizations are reliant on IT to manage, develop, communicate, and maintain intangible assets such as information and knowledge.
• Successful organizations depend on secure, accurate, reliable, and timely information and knowledge provided through technology use.
• Dependence on IT introduces risks.
• IT plays a significant role in developing organizational strategies.
• IT becomes a success factor for organizational differentiation and competitive advantage.
• IT governance improves the quality and quantity of valuable goods and services.
• IT departments are changing from service providers to strategic partners.
• IT investments are expensive.

IT as a Service Provider vs IT as a Strategic Partner

• IT as a service provider is focused on efficiency, measured by external benchmarks, is seen as an expense to control, and has technically focused IT managers.
• IT as a strategic partner is focused on business growth, measured by business strategy, seen as an investment to manage, and has business-focused IT managers.

Layers of IT Governance Responsibility

• The layers of responsibility include strategic level (board of directors), management level (CEO, CIO), and operational level (IT and business management).

Corporate and Key Asset Governance

• IT governance is a part of corporate governance, falling under the responsibility of the board.
• Key assets include human, financial, physical, intellectual property, information and IT, and relationship assets.
• Financial mechanisms (committees, budgets, etc.) and IT governance mechanisms (committees, budgets, etc.) are related to key asset governance.

Key Assets

• Human assets include people, skills, career paths, training, and competencies.
• Financial assets involve cash, investments, liabilities, cash flow, and receivables.
• Physical assets cover buildings, plants, equipment, maintenance, security, and utilization.
• Intellectual property encompasses products, services, and copyrighted materials.
• IT assets consist of digitized data, information, knowledge, customer process performance, and information systems.
• Relationship assets include brand and reputation.

Why is IT Governance Required/Recommended?

• Without effective IT Governance, risk exists that existing IT assets and capabilities may not meet the organization's strategic, operational, or financial objectives.
• IT governance reviews should be part of Internal Audit planned activities.
• COBIT emphasizes the importance of IT Governance.

Focus Areas of IT Governance

• IT governance is concerned with IT's delivery of value to the business, and mitigating IT risks.
• The first is driven by strategic alignment of IT with the business.
• The second is driven by embedding accountability into the enterprise.
• Both need to be adequately measured.

IT Governance Capabilities

• Strategic alignment: Monitoring the linkage of business and IT plans, defining, maintaining, and confirming the IT value proposition, and aligning IT operations with enterprise operations.
• Risk management: Understanding risk, understanding compliance requirements, providing transparency about significant risks to the enterprise, and embedding risk management responsibilities into the organization.
• Value delivery: Executing the value proposition throughout the delivery cycle, making sure that IT delivers the promised benefits against the strategy, concentrating on optimizing costs and proving the intrinsic value of IT.
• Performance management: Tracking and monitoring resource usage, process performance, and service delivery.
• Resource management: Optimizing investment in, and the proper management of critical IT resources: applications, information, infrastructure, and people.

IT Governance vs Corporate Governance

• Corporate governance is the system by which organizations direct and control.
• IT governance, as an integral part of corporate governance, falls under the responsibility of the board of directors.

IT Governance vs IT Management

• IT management focuses on effective and efficient internal supply of IT services and products, and managing current IT operations.
• IT governance is broader, performing and transforming IT to meet present and future demands of the business (internal focus) and business customers (external focus).

Governance vs Management

• Governance is the creation of a setting in which others can effectively manage.
• Management is the making of operating decisions.

Benefits of IT Governance

• Alignment of business and IT strategies.
• Greater efficiencies, increased support, and reduced costs when implementing change.
• Effective risk management and compliance.
• Effective and efficient use of IT resources for asset utilization and business growth and flexibility.
• Improved culture in adherence to company policies and procedures.
• Improved communication of the role of IT in achieving business results and the capability to meet business needs.
• Improved IT performance measurement capabilities.

IT Governance in Organizations

• Business strategy, supported by senior executives, drives the strategy of IT governance, supported by the steering committee/key business stakeholders
• Owner: CIO drives IT Delivery.
• Owner: CIO, Steering committee drives IT Strategy.
• Owner: Steering committee/Key Business Stakeholders authorizes IT Governance.

Typical Activities

• Business strategy: Business direction setting, strategic planning, growth/acquisition/divestiture strategies, geographic planning.
• IT strategy: 3-5 year planning, IT direction, applications, data, infrastructure, security, delivery strategy.
• IT governance: Budgeting and planning, technology spending authorization, initiative approval, enforcement of technology standards, technical support, hardware/network management, data management, delivery/program management, operations management.

COBIT Framework

• COBIT is a framework for the governance and management of enterprise information and technology, aimed at the whole enterprise.
• All technology and information processing that the enterprise puts in place to achieve its goals, irrespective of where it happens in the enterprise.
• The COBIT framework distinguishes between governance and management.
• Governance ensures stakeholder needs, conditions, and options meet balanced, agreed-upon enterprise objectives, and direction is set through prioritization and decision-making, ensuring performance and compliance are monitored.
• Management plans, builds, runs, and monitors activities aligned with the direction set by the governance body to achieve enterprise objectives.
• COBIT defines the components for building and sustaining a governance system, including processes, organizational structures, policies, procedures, information flows, culture, behaviors, skills, and infrastructure.
• Defines design factors for a best-fit governance system.
• Groups governance issues by governance and management objectives, to be managed at needed capability levels.
• COBIT is not a full description of the whole IT environment, a framework for organizing business processes, or an IT technical framework for managing technology.

COBIT Six Principles

• Providing stakeholder value.
• Holistic approach.
• Dynamic governance system.
• Governance distinct from management.
• Tailored to enterprise needs.
• End-to-end governance system.

COBIT Three Principles

• Based on the conceptual model.
• Open and flexible approach, adaptable to new issues.
• Aligned with major standards, frameworks, and regulations.

Governance and Management Objectives

• COBIT groups governance and management objectives into five domains with names that express their key purpose and activity areas.

COBIT Domains

• Governance Objective: Evaluate, direct, and monitor (EDM).
• Management Objective: Align, plan, and organize (APO), Build, acquire, and implement (BAI), Deliver, service, and support (DSS), Monitor, evaluate, and assess (MEA).

COBIT Core Model

• This section includes a detailed depiction of the COBIT Core Model.

IT Governance Assessment Approach

• An approach involving key contact identification, interviews, discussion facilitation, evidence gathering, maturity level evaluation, and recommendations.

Broader View of IT Governance

• People: Agency culture, values, beliefs, behavior.
• Processes: Bodies (executive leadership, IT steering committees), Tools (IT strategy, IT policies, data governance, IS controls).
• Technology: Organizational plans, IT balanced scorecard, service level oversight.

Description

Quiz ini membahas pentingnya governansi TI dan infrastruktur teknologi informasi dalam organisasi. Peserta akan memahami fungsi sumber daya TI, tiga pilar dari governansi TI, serta kerangka kerja COBIT. Sertakan pengetahuan mengenai tanggung jawab pimpinan dalam memastikan strategi TI mendukung tujuan organisasi.