Evaluation of Internal Control on the Siakad Application at Politeknik Kesehatan Bhakti Setya Indonesia Using Cobit 2019
##plugins.themes.academic_pro.article.main##
Abstract
The digitalization of higher education has made Academic Information Systems (SIAKAD) essential assets requiring effective IT internal controls. This study evaluates the capability level of internal controls in the SIAKAD application at Poltekkes Bhakti Setya Indonesia (BSI) using the COBIT 2019 framework and identifies improvement opportunities. Data were collected through in-depth interviews with six key respondents, including IT management, SIAKAD operators, and the Head of Academic Affairs, supported by institutional documents. The assessment focused on five COBIT 2019 processes: APO12, DSS01, DSS05, BAI10, and MEA02. The results indicate that most processes remain at Capability Level 1 (Performed Process), while DSS01 achieved Level 2 (Managed Process). The largest capability gap was identified in MEA02, which remains at Level 0 (Incomplete Process), whereas APO12, DSS05, and BAI10 each showed a gap of two levels. These findings provide practical recommendations to strengthen IT governance and achieve Capability Level 3 (Established Process) through standardized procedures and continuous internal monitoring.
##plugins.themes.academic_pro.article.details##

This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.
References
[2] Wulyatiningsih, T., & Mambu, J. Y. (2025). IT Governance Maturity and Business Alignment: A COBIT 2019 Evaluation at RSUD ODSK. International Journal of Engineering, Science and Information Technology, 5(2), 248-255.
[3] Setyadi, R., & Rahman, A. A. (2025). Enhancing IT Governance Based on Risk and Security Analysis in a Private School: A COBIT 2019 Approach. JOIV: International Journal on Informatics Visualization, 9(5), 2148-2156.
[4] AL-Qatanani, K. M. (2025). The impact of implementing information technology governance based on the COBIT-2019 framework on institutional performance. Edelweiss Applied Science and Technology, 9(3), 84-95.
[5] Pratama, R. Y., & Umaroh, S. (2024). An IT Asset Governance Model Design Using COBIT 2019 And ITIL V4 Framework at BKU Itenas. E3S Web of Conferences, 484, 02006.
[6] Fadya, M., & Utama, D. N. (2025). Towards Secure Information Systems: Developing and Implementing an Information Security Evaluation Model Using NIST CSF and COBIT 2019. TEM Journal, 14(1), 182-191.
[7] Huang, S.-Y., Wang, T., Huang, Y.-T., & Yeh, T.-N. (2024). Information security risk items and management practices for mobile payment using non-financial-institution service providers: An exploratory study. International Journal of Accounting Information Systems, 53, 100684.
[8] Kirpitsas, I., & Pachidis, T. (2026). KIBO, a new hybrid software development method with enhanced information systems auditing capability. Information and Software Technology, 190, 107958.
[9] Casamassa, J., Wang, W., & Masialeti, M. (2025). Generative AI governance for cybersecurity: an integrated approach. Issues in Information Systems, 26(3), 484-493.
[10] McIntosh, T. R., Susnjak, T., Liu, T., Watters, P., Xu, D., Liu, D., Nowrozy, R., & Halgamuge, M. N. (2024). From COBIT to ISO 42001: Evaluating cybersecurity frameworks for opportunities, risks, and regulatory compliance in commercializing large language models. Computers & Security, 144, 103964.
[11] Radjulan, J. C., Iriani, A., & Tambotoh, J. (2024). Evaluation IT Governance Computer Network at Central Bureau of Statistics (BPS) Maluku Province Using COBIT 2019 DSS01 and DSS05 Domains. Barekeng: Journal of Mathematics and Its Applications, 18(4), 2779-2794.
[12] Pietersen, L., & Rudman, R. J. (2025). Data-related risks for the use of machine learning in retail customer demand forecasting. South African Journal of Business Management, 56(1), a4766.
[13] Faradillah, Ermatita, & Rini, D. P. (2025). Enhancing Governance Maturity Assessment in Higher Education Institutions Through Data-Driven Feature Selection and Clustering Techniques. Ingénierie des Systèmes d'Information, 30(10), 2773-2783.
[14] Amalia, R., & Handayani, T. (2021). Evaluasi Tata Kelola Teknologi Informasi Menggunakan COBIT 2019 pada Domain APO12 (Manage Risk) di [Nama Institusi]. Jurnal Sistem Informasi, X(Y).
[15]ISACA. (2018). COBIT 2019 Framework: Introduction and Methodology. Schaumburg, IL: Information Systems Audit and Control Association.
[16]Jogiyanto. (2005). Sistem Informasi Keputusan. Yogyakarta: Andi Offset.