Transformasi Digital InsurCo dengan Merancang Pengelolaan Risiko Teknologi Informasi Menggunakan Framework COBIT 2019 IT Risk Management Focus Area

Abstrak

Rapid advancements in Information Technology (IT) play a vital role in fostering innovation within a company. Previous research has successfully identified the significance of IT Governance and Management (ITGM) in the process of Digital Transformation (DT). However, a more comprehensive analysis is needed to understand the role of IT risk management in supporting such changes, particularly through a case study on the insurance company InsurCo. This study employs the Design Science Research (DSR) method, utilizing interview data and the COBIT 2019 IT Risk Management Focus Area framework to design an IT risk management approach that supports InsurCo's DT. Capability assessments, gap analysis, potential improvements, improvement designs, roadmap development, and impact estimation of implementation have been executed on seven ITGM components. InsurCo, being a State-Owned Enterprise, is bound by the regulation PER-2/MBU/03/2023 concerning the Guidelines for Governance and Significant Corporate Activities of State-Owned Enterprises. Additionally, the Financial Services Sector Master Plan 2021-2025 highlights the acceleration of DT. The prioritized ITGM objectives required by InsurCo are derived from three design factor determinations: focus areas, design mechanisms, and ITGM mechanisms concerning DT, resulting in the following prioritized ITGM objectives: APO12 Managed Risk, EDM03 Ensure Risk Optimization, and DSS04 Managed Continuity. There is an estimated average capability increase of 3.57% across these three ITGM objectives. The research outcome presents a recommended design for the seven components of the governance system, aiming to enhance the IT risk management capability index within InsurCo. This study contributes to a deeper understanding of the concept of prioritizing IT risk management to support organizational digital transformation, specifically providing practical implications for InsurCo to bolster the success of their strategic programs, and benefit the insurance industry.