" INTECHNO Journal - Information Technology Journal "

IT governance is process which ensures IT implementation in supporting the organization goals. Effective IT governance would perform important roles in the effort of achieving organization objectives, in ensuring effective IT investment, and in governing effective IT properly in related to threats and opportunities. Threats to organizations or companies have reached 90 % based on PWC and info security therefore some audits should be initiated to observe the effectiveness of implementation of IT governance. The objective of the research is to audit an implemented IT governance, to audit the information security as it is based on CIA (Confidentiality, Integrity, and Availability) which uses COBIT® 4.1. The triangle CIA concludes 4 domains of Planning and Organizing, Acquiring and Implementing, Delivering, Supporting, Monitoring, and Evaluating using 13 processes of PO2, PO9, AI2, AI3, AI6, DS4, DS5, DS10, DS11, DS12, DS13, ME1, and ME2. The respondents are classified based on the table of RACI (Responsible, Accountable, Consulted, and Informed). The respondents represent the position and the responsibility in the company. The final result shows average Maturity Level 2: Repeatable but Intuitive, which concludes that, in general, the management is already aware of the processes but the processes are not yet surely documented.

Keywords :

Audit an implemented IT governance,  framework, COBIT 4.1®.