Abstract: Lately, organizations including the governmental ones started to realize the crucial role of IT for their organizations. For example, in the last 3 years, The Ministry of Finance (MoF) has spent Rp1.244 billion (USD 93,57 million) for IT investment itself. Weill (2004) stated that the benefit received from the IT investment is influenced by its governance. To ensure that IT is well-governed, IT governance audit is performed. In Indonesia, Inspectorate General of MoF is the first and only internal audit organization to carry out IT governance audit to date. IT governance audit in the Ministry of Finance has also implemented the globally accepted framework, COBIT. For those reasons, IT governance audit practice in the MoF could be the acceptable benchmark for another public sector organization about the aforesaid area of audit. This research aims to get the understanding about the implementation of IT governance audits in the Ministry of Finance (MoF) and compare them with Assessor Guide: Using COBIT 5. This study is important because meanwhile IT governance audit is important, to the best of author’s knowledge, research about IT governance audit practice in Indonesia’s public sector is very limited. To achieve the research’s purpose, this research will be served as a qualitative descriptive research. The result showed that MoF’s IT governance audit practice implemented Assessor Guide: Using COBIT 5 with some adjustments were done. Despite being in the early stage, the IT governance audit which combined COBIT 4.1 and COBIT 5 assessment approaches is fair performed.

Abstrak: Dewasa ini, organisasi termasuk organisasi pemerintah mulai menyadari peran penting TI untuk organisasi mereka. Misalnya, dalam 3 tahun terakhir, Kementerian Keuangan (Kemenkeu) telah menghabiskan Rp1.244 miliar (USD 93,57 juta) untuk investasi TI. Weill (2004) menyatakan bahwa manfaat yang diterima dari investasi TI dipengaruhi oleh tata kelolanya. Untuk memastikan bahwa TI dikelola dengan baik, audit tata kelola TI dilakukan. Di Indonesia, Inspektorat Jenderal Kemenkeu adalah organisasi audit internal pertama dan satu-satunya yang melakukan audit tata kelola TI hingga saat ini. Audit tata kelola TI di Kemenkeu juga telah menerapkan framework yang diterima secara global, COBIT. Untuk alasan tersebut, praktik audit tata kelola TI di Kemenkeu dapat menjadi tolok ukur bagi organisasi sektor publik lainnya tentang bidang audit tersebut.. Penelitian ini bertujuan untuk mendapatkan pemahaman tentang pelaksanaan audit tata kelola TI di Kemenkeu dan membandingkannya dengan Assessor Guide: Using COBIT 5. Studi ini penting sebab meskipun audit tata kelola TI penting, sepanjang pengetahuan penulis, penelitian tentang praktik audit tata kelola TI di sektor publik Indonesia sangat terbatas. Untuk mencapai tujuan penelitian, penelitian ini akan disajikan sebagai penelitian kualitatif deskriptif. Hasil penelitian menunjukkan bahwa praktik audit tata kelola TI Kemenkeu telah menerapkan Assessor Guide: Using COBIT 5 dengan beberapa penyesuaian. Meskipun berada di tahap awal, audit tata kelola TI yang menggabungkan pendekatan assessment COBIT 4.1 dan COBIT 5 telah dilakukan secara cukup baik.

Africa, D. 2009. Auditing IT Governance Seminar.ISACA Manila Professional Development Center. Manila: ISACA Manila Chapter.

Al-Hayale, T.,& Abu Khadra, H. 2006. Evaluation of The Effectiveness of Control Systems in The Computerized Accounting Information Systems: An Empirical Research Applied on Jordanian Banking Sector. Journal of Accounting. Business,and Management 13: 39-68.

Bermejo, P.H.S., Tonelli, A.O. Zambalde, and A.L. 2014. Developing IT Governance in Brazilian Public Organizations. Int. Bus. Res 7(3): 101-114.

Crawford, Adam. 2006. Networked Governance and the Post-Regulatory State? Steering, Rowing and Anchoring the Provision of Policing And Security. Theoritical Criminology 10(4): 449-479.

DiCicco, Barbara, and Crabtree, Benjamin F. 2006.“The Qualitative Research Interview”. Medical Education 40: 314-321.

Gheorghe, M. 2010. Audit Methodology for IT Governance. Informatica Economica 1: 32-42.

Grembergen, De Haes, and Guldentops. 2004. Structures, Processes and Relational Mechanisms for IT Governance. London: Idea Group Inc.

Guldentops, E. 2003. Governing Information Technology Through COBIT. In W. Van Grembergen (Ed.), Strategies For Information Technology Governance. Hershey, PA: Idea Group Publishing.

ITGI. 2003. “IT Governance Institute, Board Briefing on IT governance. 2nd Edition”. http://www.itgi.org

ITGI. 2007. “COBIT 4.1 Framework, Control Objectives, Management Guidelines, Maturity Value”. http://www.itgi.org

ITGI. 2007. “IT Assurance Guide: Using COBIT”. http://www.itgi.org

ISACA (Information System Audit and Control Association). 2009. Implementing and Continually Improving IT Governance. Rolling Meadows, IL: Information Systems Audit and Control Association.

ISACA. https://cobitonline.isaca.org/about

Juiz, C., C. Guerrero, and I Lera. 2014. Implementing Good Governance Principles for the Public Sector in Information Technology Governance Frameworks. Open Journal of Accounting 3: 9-27.

Kemenkeu. rkakldipa.depkeu.go.id

Kemenkeu. 2015. “BPKP: MoF’s Government Internal Supervisory Apparatus Could Be Role Model”. http://www.kemenkeu.go.id/en/Berita/bpkp-mof%E2%80%99s-government-internal-supervisory-apparatus-could-be-role-model

LM, Applegate., Austin RD, and McFarlan FW. 2003. Corporate Information Strategy and Management: Text and Cases.6th Ed. New York: McGraw-Hill.

Nkwe, Nugi. 2011. State of Information Technology Auditing in Botswana. Asian Journal of Finance & Accounting 3: 125-136.

Omari, Loai Al: Paul Barnes: and Grant Pitman. 2013. Delphy Study into the Audit Challenges of IT Governance in the Australian Public Sector. Electronic Journal of Computer Science and Information Technology 4(1): 5.

Sethibe, T., J. Campbell, and C. McDonald. 2007. “IT Governance in Public and Private Sector Organisations: Examining the Differences and Defining Future Research Directions”. 18th Australian Conference on Information Systems: 833-843.

Spremic, Mario., Marijana Ivanov. and Bozidar Jakovic. 2012. IT Governance and Information System Auditing Practice in Credit Institutions in The Republic of Croatia. International Journal of Applied Mathematics and Informatics 6: 101-108.

Tempo. 2015. “Cyber Crime, Lebih dari Rp 33 M Melayang Gara-gara Hacker”. http://m.tempo.co/read/news/2015/08/26/172695105/cyber-crime-lebih-dari-rp-33-m-melayang-gara-gara-hacker

Van Grembergen, W. and S. DeHaes.2008. Enterprise Governance of IT. Belgium: Idea Group Publishing Antwerp University.

Weill, P and J.W. Ross. 2004. IT Governance: How Top Performers Manage IT Decision Rights for Superior Performance. USA: Harvard Business School Press.

Weill, P. 2004. Don’t Just Lead, Govern: How Top Performing Firms Govern IT, MIT Sloan School of Management, Center for Information Systems Research, Working Paper No. 34.