InsurCo's Digital Transformation by Designing Information Technology Risk Management Using the 2019 COBIT Framework IT Risk Management Focus Area
Keywords:Digital Transformation, IT Governance and Management, IT Risk Management, COBIT 2019 IT Risk Management, Insurance, Indonesia
Rapid advancements in Information Technology (IT) play a vital role in fostering innovation within a company. Previous research has successfully identified the significance of IT Governance and Management (ITGM) in the process of Digital Transformation (DT). However, a more comprehensive analysis is needed to understand the role of IT risk management in supporting such changes, particularly through a case study on the insurance company InsurCo. This study employs the Design Science Research (DSR) method, utilizing interview data and the COBIT 2019 IT Risk Management Focus Area framework to design an IT risk management approach that supports InsurCo's DT. Capability assessments, gap analysis, potential improvements, improvement designs, roadmap development, and impact estimation of implementation have been executed on seven ITGM components. InsurCo, being a State-Owned Enterprise, is bound by the regulation PER-2/MBU/03/2023 concerning the Guidelines for Governance and Significant Corporate Activities of State-Owned Enterprises. Additionally, the Financial Services Sector Master Plan 2021-2025 highlights the acceleration of DT. The prioritized ITGM objectives required by InsurCo are derived from three design factor determinations: focus areas, design mechanisms, and ITGM mechanisms concerning DT, resulting in the following prioritized ITGM objectives: APO12 Managed Risk, EDM03 Ensure Risk Optimization, and DSS04 Managed Continuity. There is an estimated average capability increase of 3.57% across these three ITGM objectives. The research outcome presents a recommended design for the seven components of the governance system, aiming to enhance the IT risk management capability index within InsurCo. This study contributes to a deeper understanding of the concept of prioritizing IT risk management to support organizational digital transformation, specifically providing practical implications for InsurCo to bolster the success of their strategic programs, and benefit the insurance industry.
How to Cite
Copyright (c) 2023 Nabeel Azhar Garnida, Rahmat Mulyana, Widyatasya Agustika Nurtrisha
This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.
Submission of a manuscript implies that the submitted work has not been published before (except as part of a thesis or report, or abstract); that it is not under consideration for publication elsewhere; that its publication has been approved by all co-authors. If and when the manuscript is accepted for publication, the author(s) still hold the copyright and retain publishing rights without restrictions. Authors or others are allowed to multiply the article as long as not for commercial purposes. For the new invention, authors are suggested to manage its patent before published. The license type is CC-BY-SA 4.0.