Information System Audit using COBIT 2019 on Multi Finance Company
DOI:
https://doi.org/10.51967/tanesa.v26i1.3319Keywords:
COBIT 2019, Information System Audit, IT Governance, Multi-Finance Industry, Blockchain Governance.Abstract
This research paper explores the extension of COBIT 2019 into a decentralized governance framework, specifically tailored for multi-finance companies in the fintech industry. The fintech sector faces rapid technological advancements, dynamic regulatory environments, and scaling cybersecurity threats; hence, conventional governance models often do not have the flexibility and scalability to cope with these challenges effectively. It addresses these lapses by proposing a framework for governance incorporating the use of decentralized autonomous organizations, blockchain technology for transparency, and artificial intelligence for predictive risk management. The model shall be endowed with smart contracts that guarantee enforcement of compliance in an automated manner, blockchain maintenance of an unalterable audit trail, and the use of AI in finding and mitigating emerging risks in real time. These innovations are also in tune with critical COBOT 2019 domains such as MEA02 (Auditability), APO12 for Risk Management, and DSS05 for Security Services, giving them an all-encompassing and adaptive governance approach. The testing of the proposed model demonstrates significant improvement in operational resilience, regulatory compliance, and stakeholder confidence, especially within high stakes fintech environments. These findings show that incorporating emergent technologies into COBIT 2019 provides added value in governance practices and positions a scalable and future-oriented solution to help navigate the complexities of the fintech sector. This research has contributed to the development of IT governance by showing how a decentralized and technology-integrated framework can transform governance practices in ensuring agility and security within multi-finance operations.
References
Adegbite, M. A. (2025). Data Privacy And Data Security Challenges In Digital Finance. Journal of Digital Security and Forensics, 2(1), 6-19..
Balcerzak, A., Nica, E., Rogalska, E., Poliak, M., Kliestik, T., & Oana, S. (2022). Blockchain Technology and Smart Contracts in Decentralized Governance Systems. Administrative Sciences, 12, 96. https://doi.org/10.3390/admsci12030096
Bouteraa, M., Chekima, B., Thurasamy, R., Bin-Nashwan, S. A., Al-Daihani, M., Baddou, A., Sadallah, M., & Ansar, R. (2024a). Open Innovation in the Financial Sector: A Mixed-Methods Approach to Assess Bankers’ Willingness to Embrace Open-AI ChatGPT. Journal of Open Innovation: Technology, Market, and Complexity, 10(1), 100216. https://doi.org/10.1016/J.JOITMC.2024.100216
Ferraro, C., Demsar, V., Sands, S., Restrepo, M., & Campbell, C. (2024). The paradoxes of generative AI-enabled customer service: A guide for managers. Business Horizons, 67(5), 549–559. https://doi.org/10.1016/J.BUSHOR.2024.04.013
Huang, Z., Xu, Z., Wang, X., & Xu, Z. (2024a). The analysis of credit governance in the digital economy development under artificial neural networks. Heliyon, 10(20), e39286. https://doi.org/10.1016/J.HELIYON.2024.E39286
Huang, Z., Xu, Z., Wang, X., & Xu, Z. (2024b). The analysis of credit governance in the digital economy development under artificial neural networks. Heliyon, 10(20), e39286. https://doi.org/10.1016/J.HELIYON.2024.E39286
Ilori, O., Nwosu, N., & Naiho, H. (2024). A comprehensive review of it governance: effective implementation of COBIT and ITIL frameworks in financial institutions. Computer Science & IT Research Journal, 5, 1391–1407. https://doi.org/10.51594/csitrj.v5i6.1224
Jarot, N. G., & Suroso, S. S. (2022). Analysis of Risk Management Information System Applications Using Iso/Iec 27001:2022. 7(7), 11.
Lainhart, J. (2019). COBIT 2019 Framework Governance and Management Objectives.
Leonardo, K., & Latuperissa, R. (2024a). Information Technology Governance Design in Trading Companies Using the COBIT 2019 Framework. Journal of Information Systems and Informatics, 6(3), 1466–1483. https://doi.org/10.51519/journalisi.v6i3.798
Oktaviana, A., Adi, K., & Warsito, B. (2024). Adopting COBIT 2019 for the Evaluation of Information Technology Risk Management in a Startup Company. International Journal of Innovative Science and Research Technology (IJISRT), 1613–1621. https://doi.org/10.38124/ijisrt/IJISRT24JUN1542
Reddy, M. S. (2024b). Exploring the Transformative Impact of Fintech on Banking, Finance. 08(04).
Rusman, A., Nadlifatin, R., & Subriadi, A. P. (2022). Analysis Factors Affect Information System Audit Using COBIT and ITIL Framework. SinkrOn, 7(3), 799–810. https://doi.org/10.33395/sinkron.v7i3.11476
Sherly, S., & Fianty, M. (2024b). Enhancing Financial Technology Operations: A Comprehensive Evaluation Using COBIT 2019 Framework. Jurnal Riset Informatika, 6, 57–66. https://doi.org/10.34288/jri.v6i2.267
Sim, I. (2024a). Billion-dollar cyberfraud industry expands in Southeast Asia as criminals adopt new technologies. https://www.unodc.org/roseap/en/2024/10/cyberfraud-industry-expands-southeast-asia/story.html
Soh, T. (2024). Singapore leads Asean in fintech investment and deals for 9M 2024: report . https://www.businesstimes.com.sg/international/asean/singapore-leads-asean-fintech-investment-and-deals-9m-2024-report
Solikhah, M., Magdalena, L., & Hatta, M. (2024). Implementation of the cobit 2019 framework on information technology governance and risk management (study case: cv. Syntax corporation indonesia). Journal of Universal Studies, 4(7). http://eduvest.greenvest.co.id
Suroso, J., & Rahadi, B. (2017). Development of IT risk management framework using COBIT 4.1, implementation in IT governance for support business strategy. 92–96. https://doi.org/10.1145/3124116.3124134
Suroso, J. S., & Fakhrozi, M. A. (2018). Assessment of Information System Risk Management with Octave Allegro at Education Institution. Procedia Computer Science, 135, 202–213. https://doi.org/10.1016/J.PROCS.2018.08.167
Suroso, J. S., & Rahadi, B. (2017). Development of IT risk management framework using COBIT 4.1, implementation in it governance for support business strategy. ACM International Conference Proceeding Series, Part F130654, 92–96. https://doi.org/10.1145/3124116.3124134
Tatineni, S., & Mustyala, A. (2024). Enhancing Financial Security: Data Science’s Role in Risk Management and Fraud Detection. International Journal of Advancements in Computational Technology, 2, 2583–8628. https://doi.org/10.56472/25838628/IJACT-V2I2P113
Therese Soh. (2024, November 6). Singapore leads Asean in fintech investment and deals for 9M 2024: report . https://www.businesstimes.com.sg/international/asean/singapore-leads-asean-fintech-investment-and-deals-9m-2024-report
Published
How to Cite
Issue
Section
License
Copyright (c) 2025 Buletin Poltanesa

This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.
The copyright of this article is transferred to Buletin Poltanesa and Politeknik Pertanian Negeri Samarinda, when the article is accepted for publication. the authors transfer all and all rights into and to paper including but not limited to all copyrights in the Buletin Poltanesa. The author represents and warrants that the original is the original and that he/she is the author of this paper unless the material is clearly identified as the original source, with notification of the permission of the copyright owner if necessary.
A Copyright permission is obtained for material published elsewhere and who require permission for this reproduction. Furthermore, I / We hereby transfer the unlimited publication rights of the above paper to Poltanesa. Copyright transfer includes exclusive rights to reproduce and distribute articles, including reprints, translations, photographic reproductions, microforms, electronic forms (offline, online), or other similar reproductions.
The author's mark is appropriate for and accepts responsibility for releasing this material on behalf of any and all coauthor. This Agreement shall be signed by at least one author who has obtained the consent of the co-author (s) if applicable. After the submission of this agreement is signed by the author concerned, the amendment of the author or in the order of the author listed shall not be accepted.