Get CISM Pdf Questions If You Aspire to Get Brilliant Success In Isaca Exam
Bimbingan Teknis - ITSM Forum Indonesiaitsmforum.id/BIMTEK_TATAKELOLA_LAYANAN-v1.pdfSep 19, 2017 ·...
Transcript of Bimbingan Teknis - ITSM Forum Indonesiaitsmforum.id/BIMTEK_TATAKELOLA_LAYANAN-v1.pdfSep 19, 2017 ·...
AGENDA
✓ WORKING GROUP LAYANAN & TATA KELOLA TI
✓ SNI 38500 - TATA KELOLA TEKNOLOGI INFORMASI
✓ TATA KELOLA DAN MANAJEMEN LAYANAN TI DAN PERATURAN DI INDONESIA
✓ SNI 20000 - MANAJEMEN LAYANAN TEKNOLOGI INFORMASI
19 SEPTEMBER 2017 IPB INTERNATIONAL CONVENTION
BIMTEK TATAKELOLA & LAYANAN TIK 2
WG LAYANAN & TATA KELOLA TI
19 SEPTEMBER 2017 IPB INTERNATIONAL CONVENTION
BIMTEK TATAKELOLA & LAYANAN TIK 3
WG LAYANAN & TATA KELOLA TIWorking Group ISO Layanan dibentuk oleh Kominfo dan BSN bekerjasama dengan praktisi, bertujuan untuk mengadopsi ISO menjadi SNI.
No Judul SNI
1 SNI ISO/IEC 20000-1: 2013Teknologi Informasi - Manajemen Layanan - Bagian 1: Persyaratan sistem manajemen layanan
2 SNI ISO/IEC 20000-2: 2013Teknologi informasi - Manajemen layanan - Bagian 2: Pedoman penerapan sistem manajemen layanan
3 SNI ISO/IEC TR 20000-3: 2013Teknologi informasi - Manajemen layanan - Bagian 3: Pedoman pendefinisian lingkup dan kesesuaian dari SNI ISO/IEC 20000-1
4 SNI ISO/IEC TR 20000-4: 2013Teknologi informasi - Manajemen layanan - Bagian 4: Model referensi proses
5 SNI ISO/IEC 20000-5:2016Teknologi informasi — Manajemen layanan — Bagian 5: Contoh acuan perencanaan implementasi SNI ISO/IEC 20000-1
6 SNI ISO/IEC TR 20000-9:2016 Teknologi informasi — Manajemen layanan — Bagian 9: Pedoman penerapan SNI ISO/IEC 20000-1 ke layanancloud
7 SNI ISO/IEC TR 20000-10:2016 Teknologi informasi — Manajemen layanan — Bagian 10: Konsep dan terminologi
19 SEPTEMBER 2017IPB INTERNATIONAL CONVENTION
BIMTEK TATAKELOLA & LAYANAN TIK 4
WG LAYANAN & TATA KELOLA TI
No Judul SNI
8 SNI ISO/IEC 15504-6:2015Teknologi informasi - Asesmen proses - Bagian 6: Contoh model asesmen proses daur hidup sistem
9 SNI ISO/IEC TS 15504-8:2015Teknologi informasi - Asesmen proses - Bagian 8: Contoh model asesmen proses untuk manajemen layanan teknologi informasi
10 SNI ISO/IEC TS 15504-9:2015Teknologi informasi - Asesmen proses - Bagian 9: Profil proses target
11 SNI ISO/IEC TR 38502:2016Teknologi informasi — Tata kelola TI — Kerangka kerja dan model
12 SNI ISO/IEC 15504-3:2015Teknologi Informasi - Asesmen proses - Bagian 3: Panduan pelaksanaan asesmen
13 SNI ISO/IEC 15504-4 :2015Teknologi informasi - Asesmen proses - Bagian 4: Panduan penggunaan perbaikan proses dan penentuan kapabilitas proses
14 SNI ISO/IEC 15504-5:2015Teknologi informasi - Asesmen proses - Bagian 5: Contoh model asesmen proses daur hidup perangkat lunak
19 SEPTEMBER 2017 IPB INTERNATIONAL CONVENTION
BIMTEK TATAKELOLA & LAYANAN TIK 5
WG LAYANAN & TATA KELOLA TINo Judul SNI
15 SNI ISO/IEC 33001:2016 Teknologi informasi — Penilaian proses — Konsep dan terminologi
16 SNI ISO/IEC 33002:2016 Teknologi informasi — Penilaian proses — Persyaratan pelaksanaan penilaian proses
17 SNI ISO/IEC 33003:2016 Teknologi informasi — Penilaian proses — Persyaratan untuk kerangka kerja pengukuran proses
18 SIN ISO/IEC 33004:2016 Teknologi informasi — Penilaian proses — Persyaratan untuk acuan proses, penilaian proses dan model kematangan
19 SNI ISO/IEC TR 33014:2016 Teknologi informasi — Penilaian proses — Panduan untuk perbaikan proses
20 SNI ISO/IEC 33020:2016 Teknologi informasi — Penilaian proses — Kerangka kerja pengukuran proses untuk penilaian terhadap kemampuan proses
21 SNI ISO/IEC 38500:2016Teknologi informasi — Tata kelola TI untuk organisasi
22 SNI ISO/IEC TS 38501:2016 Teknologi informasi — Tata kelola TI — Panduan implementasi
19 SEPTEMBER 2017 IPB INTERNATIONAL CONVENTION
BIMTEK TATAKELOLA & LAYANAN TIK 6
WG LAYANAN & TATA KELOLA TIPrioritas Pertama : Kelompok SNI 38500
◦ SNI Tata Kelola TI menjadi kunci utama utkpenerapan berbagai sistem manajemen lainnya
Prioritas Kedua : Kelompok SNI 15504/33001
◦ SNI Penilaian Proses menjadi jembatan antaraSNI Tata Kelola dengan SNI Sistem Manajemen
Prioritas Ketiga : Kelompok SNI 20000 danKelompok SNI 27000 secara Terintegrasi
◦ SNI Sistem Manajemen Layanan dan SNI SistemManajemen Keamanan harus diadopsi secaraterintegrasi agar lebih efektif dan efisien
19 SEPTEMBER 2017 - IPB INTERNATIONAL CONVENTION
BIMTEK TATAKELOLA & LAYANAN TIK 7
SNI 38500 – TATA KELOLA TICHANDRA YULISTIA, SE AK CISA CISM - IASII
19 SEPTEMBER 2017 IPB INTERNATIONAL CONVENTION
BIMTEK TATAKELOLA & LAYANAN TIK 8
ISO 38500 – AKTIFITAS & PRINSIP
19 SEPTEMBER 2017 IPB INTERNATIONAL CONVENTION
BIMTEK TATAKELOLA & LAYANAN TIK 9
Evaluasi
Arahkan Monitor
Tata Kelola
TIK
KebutuhanBisnis
TekananBisnis
Ren
can
ake
bija
kan
Kin
erja
Kes
esu
aian
Pro
po
sal
Proses Bisnis
Proyek TIK Operasi TIK
ISO 38501 – IMPLEMENTASI
19 SEPTEMBER 2017 IPB INTERNATIONAL CONVENTION
BIMTEK TATAKELOLA & LAYANAN TIK 10
ISO 38502 – ASSESSMENT RATING
19 SEPTEMBER 2017 IPB INTERNATIONAL CONVENTION
BIMTEK TATAKELOLA & LAYANAN TIK 11
Rating Description
Unknown — No knowledge of the level of achievement of outcomes and no evidence of success
Not Applied — The majority of beneficial outcomes are not being achieved
— Little evidence of success
Somewhat applied — Some beneficial outcomes being achieved to a certain degree with one or more beneficial outcomes not being achieved at all
— Some evidence of success visible with one or more aspects not in place at all
Largely Applied — All beneficial outcomes being achieved to a large degree with certain beneficial outcomes being fully achieved
— All evidence of success visible to a large extent with certain aspects being fully in place
Fully Applied — All beneficial outcomes are being fully achieved
— All evidence of success fully implemented and working effectively
ISO 38502 – ASSESSMENT – PRINCIPLE
19 SEPTEMBER 2017 IPB INTERNATIONAL CONVENTION
BIMTEK TATAKELOLA & LAYANAN TIK 12
Table B.1 — Assessment criteria for the Responsibility principle
Beneficial Outcomes Evidence of Success
The organization successfully implements IT enabled business change
Executive managers lead business process, organization structure and human change when implementing IT solutions
Organizational value is generated by IT Executive managers treat IT as an investment for return, not solely as a cost to be reduced
The organization receives the quality of services it requires in the most effective and efficient manner possible
Executive managers determine the best IT delivery model considering :
— Decision rights and control structures (central, de-central, federal, etc.)
— Supply : Optimising the provision of IT (sourcing strategy)
ISO 38502 – ASSESSMENT – PRINCIPLE
19 SEPTEMBER 2017 IPB INTERNATIONAL CONVENTION
BIMTEK TATAKELOLA & LAYANAN TIK 13
Table B.2 — Assessment criteria for the Strategy principle
Beneficial Outcomes Evidence of Success
The organization's operations are effectively supported by IT and strategic change is appropriately enabled by IT
IT clearly aligned to business strategy and architecture
The organization's decision support systems provide high quality and timely information
The business requirements regarding usability, confidentiality, integrity and availability of data used for decisions are identified and met.
The organization’s objectives are enabled through IT innovation
IT used to:
— Enable, disrupt and redefine business models
— Engage and connect with customers
ISO 38502 – ASSESSMENT – PRINCIPLE
19 SEPTEMBER 2017 IPB INTERNATIONAL CONVENTION
BIMTEK TATAKELOLA & LAYANAN TIK 14
Table B.3 — Assessment criteria for the Acquisition principle
Beneficial Outcomes Evidence of Success
Investments in IT prioritised on the extent to which their potential contribution to the business is both attractive and achievable
IT investments structured into portfolios, returns on investments required to meet hurdle rates
Business requirements are fully supported by selected IT solutions
IT solutions procurement process ensures that functionality, usability, architectural, security, performance, availability, etc. requirements are met
Implementation programs proceed according to plan and achieve business benefits
Change programs structured to deliver business capabilities with careful management of costs, risks, schedule and benefits
ISO 38502 – ASSESSMENT – PRINCIPLE
19 SEPTEMBER 2017 IPB INTERNATIONAL CONVENTION
BIMTEK TATAKELOLA & LAYANAN TIK 15
Table B.4 — Assessment criteria for the Performance principle
Beneficial Outcomes Evidence of Success
All stakeholders able to interact and transact with IT systems that provide the services, levels of service and service quality to meet their requirements
IT appropriately responsive and available even in the event of high demand and or disaster. IT changes and upgrades effected only with planned disruption to the business.
Information is complete, accurate, secure and accessible
IT is protected against unauthorised access or changes to data. Controls in place to ensure the integrity of data
Stakeholders effectively assisted when requesting IT support
Effective service desk that resolves requests, incidents & problems and ensures that customers are assisted within defined service levels
ISO 38502 – ASSESSMENT – PRINCIPLE
19 SEPTEMBER 2017 IPB INTERNATIONAL CONVENTION
BIMTEK TATAKELOLA & LAYANAN TIK 16
Table B.5 — Assessment criteria for the Conformance principle
Beneficial Outcomes Evidence of Success
The organization’s policies, rules and mandates are accurately implemented by IT
Mature IT processes and controls in place, ensuring conformance to organizational policies, service requirements and risk appetite
The organization properly manages its information and transactions so that there are no breaches of legal and/or regulatory requirements
On-going monitoring of relevant legislation, implementation of necessary IT processes and controls and provision of independent assurance
ISO 38502 – ASSESSMENT – PRINCIPLE
19 SEPTEMBER 2017 IPB INTERNATIONAL CONVENTION
BIMTEK TATAKELOLA & LAYANAN TIK 17
Table B.6 — Assessment criteria for the Human Behaviour principle
Beneficial Outcomes Evidence of Success
Stakeholders use the organization’s IT in an acceptable manner
Executive managers provide leadership, supported by appropriate policy education, training and conformance monitoring for users & service providers
Business efficiency and value generated from staff using IT in a productive and effective manner
On-going education, training & competence testing for all users on all aspects of the use of the organization's IT
ISO 38502 – KERANGKA ELEMEN UTAMA
19 SEPTEMBER 2017 IPB INTERNATIONAL CONVENTION
BIMTEK TATAKELOLA & LAYANAN TIK 18
TATA KELOLA & MANAJEMEN LAYANAN TI DAN PERATURAN DI INDONESIAHARUN AL RASYID, SE CISA COBIT5F, ISO27001 -IA
19 SEPTEMBER 2017 IPB INTERNATIONAL CONVENTION
BIMTEK TATAKELOLA & LAYANAN TIK 19
Keterhubungan Tata Kelola TI
19 SEPTEMBER 2017IPB INTERNATIONAL CONVENTION
BIMTEK TATAKELOLA & LAYANAN TIK 20
COBIT dan Management Framework Lain
19 SEPTEMBER 2017 IPB INTERNATIONAL CONVENTION
BIMTEK TATAKELOLA & LAYANAN TIK 21
COBIT acting as CONSOLIDATOR
Keterhubungan SNI/ISO
19 SEPTEMBER 2017IPB INTERNATIONAL CONVENTION
BIMTEK TATAKELOLA & LAYANAN TIK 22
Keterhubungan SNI/ISO
19 SEPTEMBER 2017 IPB INTERNATIONAL CONVENTION
BIMTEK TATAKELOLA & LAYANAN TIK 23
Drivers
Enterprise Governance
IT Governance
Best Practice Standards
Processes and Procedures
C O B I T
Balanced Scorecard
COSOPP60/2008
Performance Conformance
SNI ISO 9000
SNI ISO 27001
SNI ISO 20000
QA Procedures
Security Principles
IT Service Management
PP 60/2008Sistem Pengendalian Intern Pemerintah
19 SEPTEMBER 2017IPB INTERNATIONAL CONVENTION
BIMTEK TATAKELOLA & LAYANAN TIK 24
PP 60/2008Sistem Pengendalian Intern Pemerintah
19 SEPTEMBER 2017IPB INTERNATIONAL CONVENTION
BIMTEK TATAKELOLA & LAYANAN TIK 25
Tata Kelola TI: COBIT 5 Standard & Framework Lain
19 SEPTEMBER 2017IPB INTERNATIONAL CONVENTION
BIMTEK TATAKELOLA & LAYANAN TIK 26
SNI 20000 – MANAJEMEN LAYANAN TIDR. YUCKI PRIHADI, SSI , MM, MKOM – ITSM FORUM INDONESIA
19 SEPTEMBER 2017 IPB INTERNATIONAL CONVENTION
BIMTEK TATAKELOLA & LAYANAN TIK 27
ISO 20000 – MANAJEMEN LAYANAN
19 SEPTEMBER 2017IPB INTERNATIONAL CONVENTION
BIMTEK TATAKELOLA & LAYANAN TIK 28
ISO 20000 – MANAJEMEN LAYANAN
19 SEPTEMBER 2017IPB INTERNATIONAL CONVENTION
BIMTEK TATAKELOLA & LAYANAN TIK 29
ISO 20000 – MANAJEMEN LAYANAN
19 SEPTEMBER 2017IPB INTERNATIONAL CONVENTION
BIMTEK TATAKELOLA & LAYANAN TIK 30