Information System Audit using COBIT 2019 on Multi Finance Company

Handono Warih; Markus Adrian; Jarot S Suroso

doi:10.51967/tanesa.v26i1.3319

Authors

Handono Warih Department of Information Technology, Pradita University
Markus Adrian Department of Information Technology, Pradita University
Jarot S Suroso Department of Information Technology

DOI:

https://doi.org/10.51967/tanesa.v26i1.3319

Keywords:

COBIT 2019, Information System Audit, IT Governance, Multi-Finance Industry, Blockchain Governance.

Abstract

This research paper explores the extension of COBIT 2019 into a decentralized governance framework, specifically tailored for multi-finance companies in the fintech industry. The fintech sector faces rapid technological advancements, dynamic regulatory environments, and scaling cybersecurity threats; hence, conventional governance models often do not have the flexibility and scalability to cope with these challenges effectively. It addresses these lapses by proposing a framework for governance incorporating the use of decentralized autonomous organizations, blockchain technology for transparency, and artificial intelligence for predictive risk management. The model shall be endowed with smart contracts that guarantee enforcement of compliance in an automated manner, blockchain maintenance of an unalterable audit trail, and the use of AI in finding and mitigating emerging risks in real time. These innovations are also in tune with critical COBOT 2019 domains such as MEA02 (Auditability), APO12 for Risk Management, and DSS05 for Security Services, giving them an all-encompassing and adaptive governance approach. The testing of the proposed model demonstrates significant improvement in operational resilience, regulatory compliance, and stakeholder confidence, especially within high stakes fintech environments. These findings show that incorporating emergent technologies into COBIT 2019 provides added value in governance practices and positions a scalable and future-oriented solution to help navigate the complexities of the fintech sector. This research has contributed to the development of IT governance by showing how a decentralized and technology-integrated framework can transform governance practices in ensuring agility and security within multi-finance operations.

References

Adegbite, M. A. (2025). Data Privacy And Data Security Challenges In Digital Finance. Journal of Digital Security and Forensics, 2(1), 6-19..

Balcerzak, A., Nica, E., Rogalska, E., Poliak, M., Kliestik, T., & Oana, S. (2022). Blockchain Technology and Smart Contracts in Decentralized Governance Systems. Administrative Sciences, 12, 96. https://doi.org/10.3390/admsci12030096

Bouteraa, M., Chekima, B., Thurasamy, R., Bin-Nashwan, S. A., Al-Daihani, M., Baddou, A., Sadallah, M., & Ansar, R. (2024a). Open Innovation in the Financial Sector: A Mixed-Methods Approach to Assess Bankers’ Willingness to Embrace Open-AI ChatGPT. Journal of Open Innovation: Technology, Market, and Complexity, 10(1), 100216. https://doi.org/10.1016/J.JOITMC.2024.100216

Ferraro, C., Demsar, V., Sands, S., Restrepo, M., & Campbell, C. (2024). The paradoxes of generative AI-enabled customer service: A guide for managers. Business Horizons, 67(5), 549–559. https://doi.org/10.1016/J.BUSHOR.2024.04.013

Huang, Z., Xu, Z., Wang, X., & Xu, Z. (2024a). The analysis of credit governance in the digital economy development under artificial neural networks. Heliyon, 10(20), e39286. https://doi.org/10.1016/J.HELIYON.2024.E39286

Huang, Z., Xu, Z., Wang, X., & Xu, Z. (2024b). The analysis of credit governance in the digital economy development under artificial neural networks. Heliyon, 10(20), e39286. https://doi.org/10.1016/J.HELIYON.2024.E39286

Ilori, O., Nwosu, N., & Naiho, H. (2024). A comprehensive review of it governance: effective implementation of COBIT and ITIL frameworks in financial institutions. Computer Science & IT Research Journal, 5, 1391–1407. https://doi.org/10.51594/csitrj.v5i6.1224

Jarot, N. G., & Suroso, S. S. (2022). Analysis of Risk Management Information System Applications Using Iso/Iec 27001:2022. 7(7), 11.

Lainhart, J. (2019). COBIT 2019 Framework Governance and Management Objectives.

Leonardo, K., & Latuperissa, R. (2024a). Information Technology Governance Design in Trading Companies Using the COBIT 2019 Framework. Journal of Information Systems and Informatics, 6(3), 1466–1483. https://doi.org/10.51519/journalisi.v6i3.798

Oktaviana, A., Adi, K., & Warsito, B. (2024). Adopting COBIT 2019 for the Evaluation of Information Technology Risk Management in a Startup Company. International Journal of Innovative Science and Research Technology (IJISRT), 1613–1621. https://doi.org/10.38124/ijisrt/IJISRT24JUN1542

Reddy, M. S. (2024b). Exploring the Transformative Impact of Fintech on Banking, Finance. 08(04).

Rusman, A., Nadlifatin, R., & Subriadi, A. P. (2022). Analysis Factors Affect Information System Audit Using COBIT and ITIL Framework. SinkrOn, 7(3), 799–810. https://doi.org/10.33395/sinkron.v7i3.11476

Sherly, S., & Fianty, M. (2024b). Enhancing Financial Technology Operations: A Comprehensive Evaluation Using COBIT 2019 Framework. Jurnal Riset Informatika, 6, 57–66. https://doi.org/10.34288/jri.v6i2.267

Sim, I. (2024a). Billion-dollar cyberfraud industry expands in Southeast Asia as criminals adopt new technologies. https://www.unodc.org/roseap/en/2024/10/cyberfraud-industry-expands-southeast-asia/story.html

Soh, T. (2024). Singapore leads Asean in fintech investment and deals for 9M 2024: report . https://www.businesstimes.com.sg/international/asean/singapore-leads-asean-fintech-investment-and-deals-9m-2024-report

Solikhah, M., Magdalena, L., & Hatta, M. (2024). Implementation of the cobit 2019 framework on information technology governance and risk management (study case: cv. Syntax corporation indonesia). Journal of Universal Studies, 4(7). http://eduvest.greenvest.co.id

Suroso, J., & Rahadi, B. (2017). Development of IT risk management framework using COBIT 4.1, implementation in IT governance for support business strategy. 92–96. https://doi.org/10.1145/3124116.3124134

Suroso, J. S., & Fakhrozi, M. A. (2018). Assessment of Information System Risk Management with Octave Allegro at Education Institution. Procedia Computer Science, 135, 202–213. https://doi.org/10.1016/J.PROCS.2018.08.167

Suroso, J. S., & Rahadi, B. (2017). Development of IT risk management framework using COBIT 4.1, implementation in it governance for support business strategy. ACM International Conference Proceeding Series, Part F130654, 92–96. https://doi.org/10.1145/3124116.3124134

Tatineni, S., & Mustyala, A. (2024). Enhancing Financial Security: Data Science’s Role in Risk Management and Fraud Detection. International Journal of Advancements in Computational Technology, 2, 2583–8628. https://doi.org/10.56472/25838628/IJACT-V2I2P113

Therese Soh. (2024, November 6). Singapore leads Asean in fintech investment and deals for 9M 2024: report . https://www.businesstimes.com.sg/international/asean/singapore-leads-asean-fintech-investment-and-deals-9m-2024-report