Development of IT risk management framework using COBIT 4.1, implementation in IT governance for support business strategy

Abstract

Extensive use of information technology in companies put IT into a position which is of considerableconcern, especially in large companies that put IT becomes a strategic part of the company. The importanceof IT division, make the companies willing to pay big to get the benefits offered by IT itself, but on the otherhand appears disappointment incurred from investments are not comparable with the results obtained. Untilthe threat appear and disrupt the business of the company. By doing risk management using the IT risk management framework by Cobit 4.1, the combining between business strategy Goals and IT Goals can assist companies in identifying risks that might occur and Companies can design how to mitigate if risks occur. IT governance should be able to support the company's business strategy by managing and memange risks in order to avoid large financial losses to the company due to the lack of identifying and analyzing risks in the company.