Systematic Literature Review on Corporate Information Technology Governance in Indonesia using Cobit 2019

The development of Information Technology as a data communication medium is growing very rapidly. The role of information technology is of course very crucial. However, the problem that often occurs in companies or agencies is the incompatibility of technology expectations with technology that already exists in a company. Therefore, it is necessary to manage the use of information technology. This study is a literature review that aims to analyze the IT governance of companies or agencies in Indonesia that use Cobit 2019. This study uses the Systematic Literature Review (SLR) method, to answer Research Questions (RQ): RQ1 related to the company or agency that is the case study when evaluating governance using Cobit 2019, RQ2 related to the type of journal publication and year of publication of the article, and RQ3 related to recommendations from recommended domains from journal case studies. The results of the study obtained as many as 18 journal articles and proceedings were selected in the search process according to the established criteria. The results of a specific study in the context of the main question of this study, namely the governance system of 18 companies or agencies have used Cobit 2019 (answer from RQ1). The selected relevant article types include 18 articles sourced from 7 journal articles and 11 proceedings articles with a range of publication years from 2019 to 2021 (answer from RQ2). From the selected articles, it was identified that the use of the Deliver, Service, and Support (DSS) domain was the most dominant in the implementation of Cobit 2019 in companies or agencies in Indonesia. The results of the study are further described in this article.


INTRODUCTION
The development of information technology as a medium for exchanging data is currently growing very rapidly. The role of information technology in a company certainly has a big influence on technology growth. The management of the right information system will have an impact on an agency in achieving its target goals. On the one hand, the realization of good governance, service quality, accountability, and transparency in the management of companies/agencies is expected to be more effective through information technology systems (Sofyani et al., 2020). The advancement of the development of existing science and technology, especially in the IT field, plays an important role in supporting the progress of an organization or company. Information Technology is now an inseparable and integrated part of business goals within the organization. How information technology is applied in an organization or company will greatly affect how far the organization has achieved its vision, mission, or strategic goals (Zhang et al., 2016).

| |355
Control Objective for Information and related Technology (COBIT) is a framework in information governance and management of enterprise information and technology that leads to the entire company. Cobit has a definition of design factors and components to build and maintain a governance system that best fits the needs of organizations and companies. Cobit is part of the ISACA (System Information and Control Association) developed by the IT Government Institute (Hidayat, 2015). With the development of existing technology, the domain in Cobit will also develop. After Cobit 5 then developed back into Cobit 2019.
Cobit 2019 is a work step used in evaluating IT governance and management. Cobit 2019 has a role in controlling, maximizing the value of information and technology with the aim of helping organizations earn profits, achieve resource optimization and achieve risk optimization. One of the drivers of the formation of Cobit 2019 is in the management of information technology in organizations that are required to be more agile, faster, and support existing innovations (Information Systems Audit and Control Association, 2018b).
Information technology governance is a related process and structure to control and direct the company in achieving its goals through adding value between the risks and benefits of information technology and its processes. Information technology governance connects every process in information technology (IT), IT resources, strategic information and goals of organizations and companies. Due to the fast improvement of records era and the want for the price of records era, hazard control of records era has been identified as an vital element via way of means of agencies and organizations (Hidayat, 2015). According to the meaning of the definition, it can be interpreted that information technology governance is the most important part of the organization by covering processes and information technology that is in line with the strategy of the organization.
Cobit 2019 is a framework guide for IT governance and management found by ISACA (Information Systems Audit and Control Association, 2018a). This framework is the latest version which is an improvement and addition to the previous version, namely COBIT 5. Cobit 2019 provides more in-depth guidance on IT governance in the company and Enterprise Governance of IT (EGIT) which is in accordance with the needs of each company, has 40 cores of governance objectives and management objectives defined through the Cobit Core Model. This guide in Cobit 2019 draws on references to other frameworks and standards. The Cobit core model has 5 domains which are divided into two main parts, namely in governance it has an Evaluate Direct Monitor (EDM) domain and in management there is a domain Align Plan and Organize (APO), Deliver Service and Support (DSS), Build Acquire and Implement (BAI), and Monitor Evaluate and Assess (MEA). In COBIT 2019 each process contained in each domain is referred to as an objective.
This study focuses on using the Systematic Literature Review (SLR) which has the aim of analyzing IT governance at companies in Indonesia that use Cobit 2019. The selected papers will be summarized and analyzed. The main purpose of the literature review is to review the topic of IT governance at Cobit 2019 and provide a summary related to Cobit 2019 research so that it is hoped that it will be easier to understand for further research.

METHOD
This study uses the Systematic Literature Review (SLR) method. SLR is a research and development methodology for collecting and revising a research with a specific topic (Triandini et al., 2019)  RQ3. What are the recommendations of the suggested domain from the case study journal? 2. Search Process is used to obtain relevant data sources in answering the Research Question (RQ) and related references. 3. Inclusion and Exclusion Criteria is a stage that has a decision whether the data found are suitable for use for SLR research or not. The study is eligible or not selected through the criteria, a) the data used has COBIT 2019 coverage for companies or agencies in Indonesia, b) the data obtained must be between the Scopus database and or indexed at least SINTA 3, and c) the data is contained recommendations on the domain regarding COBIT 2019. 4. Quality Assessment, namely the data found will be evaluated based on the following quality assessment criteria questions:  QA1. Is there a company or agency that becomes a case study when evaluating a governance audit using COBIT 2019?  QA2. What is the type of journal publication and the year the article was published?  QA3. What are the recommendations on the suggested domain based on the results of the literature review? 5. Data Collection, namely data collection in the form of primary data obtained from journal references among the Scopus, ScienceDirect, ProQuest databases and or at least indexed at least SINTA 3; secondary data obtained from the observation phase of the journal database with the keywords "Implementation of COBIT 2019"; literature study conducted using the SLR method; and documentation (collecting all data obtained into Zotero software). 6. Data Analysis, namely data analysis to show the result data referring to RQ1, RQ2, and RQ3. 7. Deviation from Protocol (Report Storage).

RESULTS AND DISCUSSION Inclusion and Exclusion Criteria
The results of inclusion and exclusion criteria are presented in Figure 1. The process starts from searching on the source sites for journal articles and proceedings. The search results in this phase obtained as many as 65 articles. Next, screening was carried out with several criteria (see Figure 1 of the screening phase) and 50 articles were selected from the screening and all of them were accessible. Based on the inclusion criteria that have been set, 18 articles were selected from journals and proceedings based on the indexation of Scopus and SINTA.  Table 1 shows the results of the search process which are then grouped based on the selected title to facilitate the type of data or journal obtained. The search process has identified articles from selected journals, including author names, titles, and journal types. A total of 18 articles from selected journals describe the use of Cobit 2019 in companies/agencies. Articles from journals were selected based on their relevance to the searching keyword (Implementation of COBIT 2019), all covered article titles provided information, designs, analyzes, assessments and evaluations of the use of Cobit 2019, and on average were case studies at certain companies/agencies. All articles from selected relevant journals provide information on information technology governance of certain companies/agencies, this is in line with the support of technological advances that can ensure the development of corporate governance and development strategies (Jayadi et al., 2019).

Data Analysis based on Quality Assessment
The data analysis based on the quality assessment is presented in Table 2. From the 18 journal articles selected in the search process, the title of the article, the subject of the agency that uses the Cobit 2019 information technology management system, and the suggested domain in the selected article are identified. Referring to the SLR to answer RQ1 in this study, it seems that the corporate or agency governance system has used Cobit 2019. Its use reaches a wide range of companies, government agencies, private institutions, banks, hospitals, and even educational institutions (see Table 1 and Table 2). When compared to the previous generation (Cobit 5 areas, have made Cobit 2019 an attractive choice for companies/agencies to use and take advantage of (Steuperaert, 2019).
Regarding the type of journal publication and the year of publication of the article (to answer RQ2), the results of the SLR analysis show that the types of relevant articles selected include journal articles and proceeding articles, of which 18 articles were sourced from 7 journal articles and 11 proceedings articles. The range of publication years for selected articles is from 2019 to 2021, considering that the Cobit 2019 information technology management system is still relatively new. Its use in Indonesia has grown rapidly in recent years in line with positive public perceptions, especially workers who want service quality, accountability, and transparency in the management of companies/agencies using more effective information technology systems (Sofyani et al., 2020). Support for the development of good governance by utilizing information technology systems is also in line with the massive use of the internet in many fields (internet of things, for things and by things) (Kolah, 2019).
The SLR results show a variety of recommendations from the suggested domain (to answer RQ2). From 18 journal articles and proceedings identified the most dominant use of the Delivery, service, and support domain (DSS). The DSS domain is one of the five COBIT 2019 domains included in Managing Corporate IT. The DSS domain focuses on providing data, services, and support for effective and efficient information systems. The DSS domain has six processes: a) DSS01 management operation. b) DSS02 manages service requests and incidents. c) DSS03 manages the problem. d) DSS04 manages continuity. e) DSS05 manages security services. f) DSS06 manages business process control (Atrinawati et al., 2021).

COUNCLUSION
The results of the study obtained as many as 18 journal articles and proceedings were selected in the search process according to the established criteria. The results of a specific study in the context of the main question of this study, namely the governance system of 18 companies or agencies have used Cobit 2019 (answer from RQ1). The selected relevant article types include 18 articles sourced from 7 journal articles and 11 proceedings articles with a range of publication years from 2019 to 2021 (answer from RQ2). From the selected articles, it was identified that the use of the Deliver, Service, and Support (DSS) domain was the most dominant in the implementation of Cobit 2019 in companies or agencies in Indonesia.