CTRI Framework: Integrating COBIT 4.1 Maturity, Risk Priority, and Transition to COBIT 2019

Authors

  • Kasmala ISB Atma Luhur
  • Hilyah Magdalena information systems study program ISB Atma Luhur

DOI:

10.33395/sinkron.v10i3.16083

Keywords:

COBIT 2019, GAP analysis, IT governance, maturity level, sales application

Abstract

This study proposes the CTRI (COBIT Transition and Risk Integration) framework, a novel methodological integration for IT governance evaluation in SMEs. Unlike prior COBIT 4.1 studies that only report maturity gaps, the CTRI framework addresses three critical gaps: (1) lack of actionable recommendations, (2) absence of risk and feasibility considerations, and (3) no systematic bridge from COBIT 4.1 to COBIT 2019. The CTRI framework consists of three integrated layers. Layer 1 quantifies maturity gaps across six COBIT 4.1 domains (PO2, AI2, AI6, DS5, DS11, ME1). Layer 2 introduces the Risk–Feasibility Priority Matrix (RFPM) which calculates a Priority Action Score (PAS) = Risk Impact × Implementation Feasibility, where risk impact is high (3), medium (2), or low (1), and feasibility is easy (3), moderate (2), or difficult (1). Recommendations with PAS ≥ 6 are top priority. Layer 3 provides explicit transition mapping from each COBIT 4.1 recommendation to COBIT 2019 governance objectives and design factors. Applied to a sales application at PT Ciequ (Indonesian SME), data were collected via observation, interviews with three key informants, and documentation review. Findings reveal an average maturity level of 2.45, with largest gaps in AI2 (1.23) and DS5 (0.89). The RFPM prioritizes AI2 (PAS=9), DS5 (PAS=6), and AI6 (PAS=6) as top actions. A three-phase transition roadmap (Stabilize → Standardize → Monitor) to COBIT 2019 is provided, with APO13 (security) and APO05 (portfolio) as priority objectives. This study contributes a reusable, risk-aware, transition-forward methodology that bridges legacy and modern IT governance frameworks for resource-constrained SMEs.

GS Cited Analysis

Downloads

Download data is not yet available.

References

Amalsyah, M. R., Kurniawan, D., Rifai, A., Sari, P., Studi, P., Informasi, S., Komputer, I., Sriwijaya, U., Masjid, J., Gazali, A., Lama, B., Palembang, K., & Selatan, S. (2025). Analisis Sentimen Ulasan Pengguna Aplikasi Fintech menggunakan Framework CRISP-DM dalam Penentuan Prioritas Pengembangan Produk. Sistemasi: Jurnal Sistem Informasi, 14(2), 813–825. http://sistemasi.ftik.unisi.ac.id

Andika, D., Mulyana, R., & Ramadhani, L. (2024). IT Governance Design Based on COBIT 2019 SME Focus Area for UMKM BPRBCo Digital Transformation. Journal of Information System Research (JOSH), 6(1), 205–218. https://doi.org/10.47065/josh.v6i1.5905

Anggraeni, O. P., Karyadi, K., & Abdussalaam, F. (2023). Perancangan Sistem Informasi Penjualan Berbasis Web di PT. MARKTEL. Jurnal Teknologi Sistem Informasi Dan Aplikasi, 6(4), 523–530. https://doi.org/10.32493/jtsi.v6i4.33156

Antariksa, M. D. S., Angin, M. P., & Widodo, A. P. (2025). COBIT 2019 Framework in IT Governance: A Systematic Literature Review of Implementation Challenges and Benefits Across Various Industry Sectors. Journal of Renewable Energy, Electrical, and Computer Engineering, 5(1), 99–105. https://doi.org/10.29103/jreece.v5i1.19501

Bangsa, G. P., & Hasugian, H. (2022). Perancangan Dan Implementasi Sistem Informasi Penjualan Berbasis Web E-Commerce Pada Toko Febriyanahelmet. IDEALIS : InDonEsiA JournaL Information System, 5(2), 126–134. https://doi.org/10.36080/idealis.v5i2.2950

Charoensiwarak, K., Kuljirakul, K., Khomsom, P., Tasana, M., Saengkaew, K., Promduangsi, P., Watakulsin, P., & Saenkum, N. (2025). AUDIT SISTEM INFORMASI PADA APLIKASI SISTEM KLINIK MENGGUNAKAN FRAMEWORK COBIT 4.1 DOMAIN MONITOR AND EVALUATE Studi Kasus: WW Dental Clinic. Jurnal Sistem Informasi (TEKNOFILE), 10(2), 66–79.

Cipta M Pasaribu, Mega Mustika, Dewi Rosmayanti, Abdul Rahman Kadafi, & Eko Setia Budi. (2023). Sistem Informasi Monitoring Absensi Menggunakan Framework COBIT 4.1. Bulletin of Computer Science Research, 3(4), 289–296. https://doi.org/10.47065/bulletincsr.v3i4.268

Lusiana U., Imtihan K., & Zaen M.T.A. (2024). Audit Aplikasi Online Data Sistem (Ods) Menggunakan Cobit 4.1. Jurnal Informatika Teknologi Dan Sains (JINTEKS), 6(2), 211–216.

Maghfiroh, Ma’sumatul, F., Natalina, Anugrah, S., Efendi, & Rofik. (2023). Transformasi Ekonomi Digital: Connection Integration E-Commerce Dan S-Commerce Dalam Upaya Perkembangan Ekonomi Berkelanjutan. Proceedings of Islamic Economics, Business, and Philanthropy, 2(1), 01–10. https://jurnalfebi.iainkediri.ac.id/index.php/proceedings

Nurfadhiilah, A., Faharuddin, F., & Jumaryadi, Y. (2024). Analisa Audit Sistem Informasi Tata Kelola TI menggunakanFramework COBIT 4.1 dengan mengukur Tingkat MaturityLevel. SISTEMASI: Jurnal Sistem Informasi, 13(2), 412–419. http://sistemasi.ftik.unisi.ac.id

Purba, F. A. (2024). ANALISIS MANAJEMEN RESIKO TEKNOLOGI INFORMASI DAN PEMETAAN MATURITY LEVEL MENGGUNAKAN FRAMEWORK COBIT 4.1 (Studi Kasus: PT. CAHAYA BINTANG). Jurnal Teknologi Dan Manajemen Sistem Industri, 3(1), 11–20. https://doi.org/10.56071/jtmsi.v3i1.497

Ricky Rohmanto1, Miki Wijana2, Sarah Nurfadhilah3, M. E. H. (2025). Pengukuran Tingkat Maturity Tata Kelola Sistem Informasi Rumah Sakit dengan Menggunakan Framework Cobit 4.1 (Studi Kasus: Rumah Sakit “A”). INTERNAL (Information System Journal) Indormatika, 8(3), 135–144.

Septiawan, E., Andini, S., & Rahmawati, S. (2024). Analysis of Information Technology Governance in the Transportation Agency using the Cobit 4.1 Framework. Journal of Computer Scine and Information Technology, 10, 108–113. https://doi.org/10.35134/jcsitech.v10i4.112

Widiana, S. A., Sintaro, S., Arundaa, R., Alfonsius, E., & Lapihu, D. (2022). Aplikasi Penjualan Baju Berbasis Web (E-Commerce) dengan Formulasi Penyusunan Kode. Journal of Information Technology, Software Engineering and Computer Science (ITSECS), 1(1), 35–43. https://doi.org/10.58602/itsecs.v1i1.11

Downloads


Crossmark Updates

How to Cite

Kasmala, K., & Magdalena, H. (2026). CTRI Framework: Integrating COBIT 4.1 Maturity, Risk Priority, and Transition to COBIT 2019. Sinkron : Jurnal Dan Penelitian Teknik Informatika, 10(3), 1311-1318. https://doi.org/10.33395/sinkron.v10i3.16083