IT GOVERNANCE USING THE COBIT 5 FRAMEWORK AT BANK SAMPAH ALAM LESTARI TASIKMALAYA

Abstract

Bank Sampah Alam Lestari is a community-based waste management initiative aimed at raising environmental awareness and providing economic benefits to the community. However, the bank faces several challenges, particularly in information security and IT risk management. Currently, Bank Sampah Alam Lestari lacks a structured IT governance system, making it vulnerable to data loss, cybersecurity threats, and operational inefficiencies.

This study aims to design an IT governance model for Bank Sampah Alam Lestari using the COBIT 5 framework, focusing on the APO12 (Manage Risk) and APO13 (Manage Security) subdomains. The research employs a quantitative descriptive method with a gap analysis approach to compare the current state of IT governance with the ideal standard. The findings indicate that the IT governance capability level is at Level 0 (Incomplete Process), meaning that no formal policies or procedures related to information security and risk management have been implemented.

As a solution, this study proposes a three-year IT governance roadmap, including steps such as developing information security policies, implementing risk management systems, training human resources, and utilizing cloud-based technology. By adopting the COBIT 5 framework, Bank Sampah Alam Lestari is expected to enhance operational efficiency, reduce security risks, and ensure the sustainability of a more reliable IT system.

Keywords: COBIT 5, IT Governance, Information Security, Risk Management, Waste Bank