Anda di halaman 1dari 28

EVALUASI PENGENDALIAN SISTEM INFORMASI PENGIRIMAN BARANG PADA PT.

TIKI JALUR NUGRAHA EKAKURIR


Felix and Yusup and Vendy Fren
Information Systems, School of Information Systems, BINUS University

Abstrak
Tujuan Penelitian ialah untuk mengetahui dan mengevaluasi sistem informasi pengiriman barang yang berjalan pada PT. Tiki Jalur Nugraha Ekakurir, untuk mengidentifikasi kelemahan yang terkait dengan sistem pengiriman barang yang berjalan pada PT. Tiki Jalur Nugraha Ekakurir, serta memberikan rekomendasi dan saran untuk memperbaiki kelemahan-kelemahan yang ada pada sistem pengiriman barang yang berjalan pada PT. Tiki Jalur Nugraha Ekakurir. Metodologi Penelitian yang digunakan dalam melakukan evaluasi pengendalian terhadap sistem informasi pengiriman barang pada PT. Tiki Jalur Nugraha Ekakurir yaitu studi kepustakaan dan studi lapangan : observasi, wawancara, checklist serta studi dokumentasi. Hasil yang ingin dicapai pada penelitian ini adalah berupa evaluasi sistem yang disajikan dalam bentuk temuan terhadap masalah yang terdapat dalam sistem informasi pengiriman barang serta rekomendasi yang diberikan untuk mengatasi masalah maupun kelemahan yang terdapat dalam sistem informasi pengiriman barang pada PT. Tiki Jalur Nugraha Ekakurir. Simpulan yang kami berikan adalah pengendalian sistem informasi pengiriman barang di PT. Tiki Jalur Nugraha Ekakurir sudah berjalan dengan baik, namun masih terdapat beberapa kelemahan dalam pengendalian sistemnya, maka dari itu kami memberikan saran perbaikan dalam meningkatkan pengendalian sistem informasi pengiriman barang dalam mendukung tujuan bisnis. Kata kunci : Evaluasi, Informasi, Pengendalian, Pengiriman, Sistem

1. Pendahuluan
1.1 Latar Belakang Pada saat ini teknologi informasi merupakan salah satu penunjang utama dalam kegiatan sehari-hari di semua bidang. Grant, G. L, JD, Royle, M. T. (2011).

Information technology to the success of organizations, the vast majority conclude that IT cannot be considered a source of sustained competitive advantage. Nevertheless, the literature sets forth numerous examples of IT facilitating innovation, improving efficiency, and exhibiting other characteristics that are established indicators of sustained competitive advantage. Kutipan jurnal tersebut menyimpulkan bahwa teknologi informasi sebagai sumber keberhasilan dalam organisasi dan dijadikan sebagai indikator keunggulan kompetitif yang berkelanjutan. Dengan semakin berkembangnya teknologi informasi saat ini, semakin memicu terjadinya kecurangan-kecurangan, kejahatan dalam penggunaan teknologi informasi yang menimbulkan kerugian dalam perusahaan, sehingga diperlukan teknik auditing untuk mengendalikan dan memastikan bahwa sistem informasi sudah sesuai dengan tujuan dan prosedur dalam

organisasi.Sebagaimana dengan pernyataan dari Ramanathan, J., et al (2007) Auditing is the process of maintaining detailed, secure records of critical activities in a business environment. Such records are referred to as audit logs. The critical activities recorded could be related to security, content management, business transactions, and so on. security-related critical activities that could be audited include login failures, unauthorized access to protected resources, modification of security policy, noncompliance with a specified security policy, and the status of security servers.

Kelemahan yang biasanya ditemukan dalam pengiriman data adalah bagaimana perusahaan menangani sistem informasi pengiriman barang. Karena berbagai macam jenis barang yang masuk ke perusahaan dengan keterbatasan waktu dan kesalahan sumber daya manusia (human error) yang ada sehingga dapat menimbulkan kemungkinan resiko yang terjadi. Sehingga dapat mengganggu kegiatan operasional perusahaan yang berdampak pada proses pengiriman barang yang terlambat atau tidak sampai barang ke tujuan atau kehilangan barang. Oleh karena itu, perlu dilakukan evaluasi terhadap kelemahan maupun resiko dalam sistem informasi pengiriman barang pada PT. Tiki Jalur Nugraha Ekakurir dengan menggunakan pendekatan COBIT, seperti yang dijelaskan oleh Cereola, S.J, Cereola R. J (2011) The COBIT framework related to each of the four domains identified below, perform a robust risk assessment identifying any internal control issues related to the use of information technology. Next, classify each internal control issues as a strength or weakness, and then, for each weakness, asses its risk as high, moderate, or low (high risk occurs when a company does not have any corrective actions in place when a key internal control weakness is found, and the company suffers a substantial loss as a result; moderate risks occur when an internal control weakness is found and the company does not have any corrective actions in a place, however, only minor losses may occur as a result; and a low risk occur when an internal control weakness is found and is considered a control deficiency).

Hal-hal tersebut menjadi latar belakang pengumpulan informasi mengenai sistem informasi pengiriman barang secara langsung maupun tidak langsung pada PT. Tiki Jalur Nugraha Ekakurir, sebuah perusahaan yang bergerak di bidang jasa pengiriman 3

barang. Maka analisa dan pembahasan tersebut dituangkan di dalam judul Evaluasi Pengendalian Sistem Informasi Pengiriman Barang PT. Tiki Jalur Nugraha Ekakurir.

1.2 Ruang Lingkup Karena luasnya sistem informasi yang diterapkan pada PT.Tiki Jalur Nugraha Ekakurir maka untuk lebih mengarahkan skripsi ini, diperlukan batasan-batasan sebagai ruang lingkup yang berkaitan dengan : 1. Evaluasi yang kami lakukan memfokuskan pada sistem informasi pengiriman barang pada PT.Tiki Jalur Nugraha Ekakurir khususnya prosedur outbound dan inbound yang berjalan. 2. 4 domain COBIT versi 4.1 : Plan and Organize, Acquire and Implement,

Delivery and Support, and Monitor and Evaluate.

1.3 Tujuan Penelitian Tujuan dari penelitian yang dilakukan adalah : a. Untuk mengetahui dan mengevaluasi sistem informasi pengiriman barang yang berjalan pada PT. Tiki Jalur Nugraha Ekakurir. b. Untuk mengidentifikasi kelemahan yang terkait dengan sistem pengiriman barang yang berjalan pada PT. Tiki Jalur Nugraha Ekakurir. c. Memberikan rekomendasi dan saran untuk memperbaiki kelemahan-kelemahan yang ada pada sistem pengiriman barang yang berjalan pada PT.Tiki Jalur Nugraha Ekakurir. 4

2. Panduan Umum
Metode penelitian untuk pengumpulan data yang dilakukan adalah sebagai berikut : 1. Studi Kepustakaaan Metodologi penelitan dengan mempelajari buku-buku maupun bahan-bahan tertulis lainnya yang terkait dengan penulisan skripsi ini. 2. Studi Lapangan Metode penelitian dengan melakukan peninjauan langsung pada perusahaan yang bersangkutan. Metode penelitian yang digunakan antara lain : a. Pengamatan (Observasi) Pengumpulan data dilakukan dengan cara mendatangi secara langsung perusahaan dan melakukan pengamatan terhadap kegiatan operasional dan penggunaan sistem informasi pengiriman barang PT. Tiki Jalur Nugraha Ekakurir. b. Wawancara Dilakukan dengan mengadakan tanya jawab secara langsung dengan pihakpihak yang terkait untuk memperoleh gambaran secara umum tentang perusahaan dan masalah-masalah yang berkaitan dengan pembahasan skripsi ini. c. Check List Dilakukan dengan memberikan daftar pertanyaan yang digunakan untuk mengevaluasi sistem pengiriman barang yang ada pada PT. Tiki Jalur Nugraha Ekakurir berdasarkan COBIT 4.1. d. Studi Dokumentasi 5

Mempelajari dokumen yang berkaitan dengan sistem informasi pengiriman barang pada PT. Tiki Jalur Nugraha Ekakurir.

3. Hasil dan Diskusi


Evaluasi sistem informasi pengiriman barang pada PT. Tiki Jalur Nugraha Ekakurir dengan menggunakan pendekatan COBIT yang terdiri dari 4 domain sebagai berikut :

3.1 Plan and Organize


Yaitu mencakup pembahasan tentang identifikasi dan strategi investasi TI yang memberikan yang terbaik untuk mendukung pencapaian tujuan bisnis. Selanjutnya identifikasi dan visi strategi perlu direncanakan, dikomunikasikan, dan diatur pelaksanaannya (dari berbagai perspektif). Dimana dalam PT. Tiki Jalur Nugraha Ekakurir diperoleh temuan-temuan yaitu : Perusahaan telah memiliki integrasi yang baik antara proses pengiriman dan implementasi IT dalam perusahaan sehingga proses pengiriman berjalan dengan baik sesuai dengan SOP perusahaan, Perusahaan telah memiliki perencanaan taktis yang baik terhadap TI, Perusahaan telah memiliki pengelolaan terhadap prosedur yang ada untuk menjamin integritas dan konsistensi data, Perusahaan telah melakukan perencanaan dalam menganalisis, memilih dan menggunakan teknologi yang tepat untuk dapat mendukung proses bisnis pengiriman, Perusahaan memiliki kerangka proses TI dalam menjalankan perencanaan strategis TI nya, Perusahaan memiliki komite pelaksana TI yang bertugas dalam mengawasi keberlangsungan sistem proses pengiriman perusahaan dan menyelesaikan masalah dengan pihak luar, Perusahaan 6

telah melakukan kegiatan memantau pada fungsi TI dan memastikan setiap staf melakukan tugas dan tanggung jawabnya sesuai dengan wewenangnya masingmasing.

3.2 Acquire and Implement


Yaitu untuk merealisasikan strategi TI, perlu diatur kebutuhan TI, diidentifikasi, dikembangkan, atau diimplementasikan secara terpadu dalam proses bisnis perusahaan.
Dimana dalam PT. Tiki Jalur Nugraha Ekakurir diperoleh temuan-temuan yaitu : Perusahaan telah melakukan pemeliharaan fungsi bisnis dan persyaratan teknis untuk tujuan bisnis yang diharapkan oleh perusahaan, Perusahaan telah memiliki prosedur keamanan aplikasi yang telah diimplementasikan untuk memenuhi tujuan bisnis perusahaan, Perusahaan telah mempunyai rencana untuk implementasi dan pemeliharaan infrastrukur TI yang memenuhi kebutuhan bisnis, Telah adanya perlindungan terhadap ketersediaan sumber daya infrastruktur hardware dan software perusahaan, Perusahaan telah melakukan pemindahan pengetahuan dan ketrampilan kepada pengguna akhir dalam menggunakan sistem secara efektif dan efisien dalam mendukung proses pengiriman perusahaan, Perusahaan telah melakukan pemberian pengetahuan dan keterampilan untuk

memungkinkan staff operasi dan teknis mampu menyalurkan, mendukung dan memelihara sistem secara efektif dan efisien.

3.3 Delivery and Support


Yaitu domain ini lebih dipusatkan pada ukuran tentang aspek dukungan TI terhadap kegiatan operasional bisnis (tingkat jasa layanan TI actual atau service level) dan aspek urutan (prioritas implementasi dan untuk pelatihannya). 7

Dimana dalam PT. Tiki Jalur Nugraha Ekakurir diperoleh temuan-temuan yaitu : Perusahaan telah menetapkan persetujuan untuk semua layanan teknologi informasi

berdasarkan kebutuhan pelanggan dan kemampuan teknologi informasi, Perusahaan telah menilai kinerja dan kapasitas sumber daya teknologi informasi untuk menentukan apakah kapasitas dan kinerja dapat meningkatkan proses pengiriman perusahaan, Perusahaan sudah mengawasi dan melakukan proses pelaporan atas kinerja dan kapasitas sumber daya

teknologi informasi untuk menentukan apakah sudah tercapai tujuan yang telah ditetapkan, Perusahaan telah mengadakan rencana pemeliharaan yang berkelanjutan terhadap teknologi informasi untuk memastikan sistem tersebut efektif dan relevan bagi perusahaan, Perencanaan keamanan TI secara keseluruhan telah diterapkan sesuai dengan standar dan prosedur yang ada, Perusahaan telah melakukan identifikasi pendidikan dan pelatihan terhadap pengguna sistem yang disesuaikan dengan implementasi sistem dalam perusahaan, Prosedur tentang penyimpanan dan pengarsipan data telah diterapkan dengan baik dalam perusahaan.

3.4 Monitor and Evaluate


Yaitu semua proses TI yang perlu dinilai secara berkala agar kualitas dan tujuan dukungan TI tercapai, dan kelengkapannya berdasarkan pada syarat kontrol internal yang baik.
Dimana dalam PT. Tiki Jalur Nugraha Ekakurir diperoleh temuan-temuan yaitu : Perusahaan telah menetapkan dan menerapkan langkah- langkah untuk pengawasan dalam mendefinisikan ruang lingkup, teknik dan proses untuk mengukur solusi TI dan kontribusi TI pada proses pengiriman perusahaan, Perusahaan sudah menetapkan suatu metode pengawasan dalam pencapaian TI yang maksimal untuk menetapkan kesesuaian prosedur dan pengawasan perusahaan, Perusahaan melakukan tindakan perbaikan pada kinerja

pengawasan, pencapaian dan hasil pelaporannya, Perusahaan melakukan pengawasan secara terus menerus dan mengembangkan lingkungan pengendalian teknologi informasi, dan pengendalian kerangka kerja sesuai tujuan bisnis perusahaan, Perusahaan telah melakukan evaluasi kelengkapan dan efektifitas manajemen dan kebijakan pengendalian teknologi informasi oleh manajemen yang terkait, Perusahaan telah menetapkan manajemen resiko yang timbul dalam penggunaan TI dalam proses pengiriman perusahaan.

4. Simpulan
Di bawah ini adalah beberapa simpulan yang didapatkan berdasarkan hasil evaluasi pengendalian sistem informasi pengiriman pada PT.Tiki Jalur Nugraha Ekakurir ,maka dapat disimpulkan sebagai berikut : 1. Pada dasarnya pengendalian sistem informasi pengiriman barang di PT. Tiki Jalur Nugraha Ekakurir sudah berjalan dengan baik, namun masih terdapat beberapa kelemahan dalam pengendalian sistemnya seperti : Perusahaan belum memiliki kamus data yang digunakan sebagai panduan untuk pengaksesan data dalam sistem pengiriman, dan dapat digunakan untuk pertukaran data pengiriman, Perusahaan belum melakukan kegiatan memantau secara berkala terhadap perkembangan teknologi dan bisnis perusahaan, Perusahaan tidak memiliki komite strategis TI yang dapat membantu dalam memastikan ketentuan TI sejalan dengan tujuan perusahaan, Perusahaan belum melakukan evaluasi secara berkala untuk memastikan teknologi informasi memiliki sumber daya TI yang cukup untuk mendukung tujuan bisnis perusahaan, Perusahaan belum membentuk struktur koordinasi dan komunikasi yang baik dan optimal diantara staf fungsi TI berdasarkan kebijakan dan prosedur yang telah ditetapkan.

2. Pada hasil evaluasi pada domain DS5.1, Perusahaan belum mengelola keamanan TI untuk melindungi data pengiriman yang dapat mengakibatkan terjadinya duplikasi terhadap data pengiriman perusahaan yang dilakukan oleh karyawan sehingga data pengiriman perusahaan dapat tersebar ke pesaing. 3. Pada hasil evaluasi pada domain ME3.2, Perusahaan belum melakukan peninjauan kembali atas kebijakan standar, prosedur, dan metodologi teknologi informasi yang menjamin legalitas, regulasi, dan kebutuhan kontrak dengan pihak luar.

Daftar Pustaka
Arens, Alvin A. Loebbecke, James K. (2003). Auditing : Pendekatan Terpadu. Jilid 1. Terjemahan Amir Abadi Jusuf, SE. MAcc. Salemba 4, Jakarta. Basalamah, A. S. (2011). Auditing PDE Dengan Standar IAI Edisi 5. Depok: Usaha Kami. Brand, Koen & Boonen, Harry. (2005). IT Governance Based on Cobit 4.1 : Management Guide. UK: Van Haren Publishing. Cannon, David L. (2011). CISA Certified Information Systems Auditor Study Guide. Indiana : Wiley Publishing, Inc. Cascarino, Richard E (2007). Auditors Guide to Information System Auditing. John Wiley & Sons, Inc, New Jersey.

10

Cereola, S.J.,& Cereola R. J (2011). Breach of data at TJX: An instructional case used to studey COSO and COBIT, with a focus on computer controls, data security, and privacy legislation. Issues in Accounting Education, 26(3), 521-521-545. Retrieved from
http://search.proquest.com/docview/889136050?accountid=31532, 11 Oktober

2011. Connolly, Thomas and Begg, Carolyn. (2005). Database Systems : A practical Approach to design, Implementation, And Management. Fourth Edition. Addison Wesley, USA. Connoly, Thomas, Begg, Carolyn. (2002). E-Business and E-

CommerceInfrasture: Technologies Supporting the E-Business Initiative. The McgrawHill Companies, Inc. New York Gelinas, Jr., Ulric J., Dull, Richard B. (2010). Accounting Information Systems, 8th Edition.South-Western Cengage Learning. Gondodiyoto, Sanyoto. (2007). Audit Sistem Informasi + Pendekatan CobIT. Edisi Revisi. Mitra Wacana Media, Jakarta. Grant, G. L., JD., & Royle, M. T. (2011). Information technology and its role in creating sustainable competitive advantage. Journal of international management studies, 6(1), 1-1-7. Retrieved from

http://search.proquest.com/docview/867910311?accountid=31532, 11 Oktober

2011. Husni, Setiabudi, H , et al. (2010). Evaluasi Pengendalian Sistem Informasi 11

Penjualan pada PT.XYZ. Comtech (vol 1, no.2). Jakarta : Redaksi Jurnal ComTech.

12

Inmon, W.H. (2005). Building the Data Warehouse Toolkit. Fourth Edition. Wiley Publishing Inc., Indianapolis ISACA Standards (2010). IT Standards, Guidelines, and Tools and Techniques for Audit and Assurance and Control Professionals.USA
th

IT Governance Institute. (2007). COBIT 4.1

editon. Framework, Control

Objectives. Management Guideline and Maturity Model, ITGI, USA. OBrien, James A, dan Marakas, George M. (2006). Management Information System. The McGraw-Hill Companies, Inc. New York Obrien, James A. & Marakas, George M.(2008). Management Information Systems, 8th edition.McGraw Hill International Edition, New York. Ramanathan, J., Cohen, R. J., Plassmann, E., & Ramamoorthy, K. (2007). Role of an auditing and reporting service in compliance management. IBM Systems Journal, 46(2), 2011. Romney, Marshall, Steinbart, Paul. (2006). Accounting information system, 10th Edition. Pearson Prentice Hall. Sarno R (2009). Audit Sistem & Teknologi Informasi. ITS Press,Surabaya. Umar, Husein. (2005). Evaluasi Kinerja Perusahaan. Teknik Evaluasi Bisnis dan Kinerja Perusahaan secara Kompleks dan Modern. Pustaka Utama. Jakarta. Yunarto, Leun, Holly (2006). In sales and Distribution Management. PT. Elex 13 305-305-318. Retrieved froms

http://search.proquest.com/docview/222424424?accountid=31532, 11 Oktober

Media Komputindo, Jakarta.

14

EVALUASI PENGENDALIAN SISTEM INFORMASI PENGIRIMAN BARANG PADA PT. TIKI JALUR NUGRAHA EKAKURIR
Felix and Yusup and Vendy Fren
Information Systems, School of Information Systems, BINUS University

Abstract
The research goal is to find and evaluate information delivery system that runs on the PT. Tiki Jalur Nugraha Ekakurir, to identify vulnerabilities associated with the delivery system that runs on the PT. Tiki Jalur Nugraha Ekakurir and make recommendations and suggestions for improving the existing weaknesses in the delivery system that runs on the PT. Tiki Jalur Nugraha Ekakurir. The research methodology used in the evaluation of information systems control the delivery of goods at PT. Tiki Jalur Nugraha Ekakurir the literature study and field research: observation, interviews, checklists and documentation study. Results to be achieved in this study were presented in the form of an evaluation system in the form of findings on issues contained in the delivery of information systems and the recommendations given to address the problems and weaknesses contained in the delivery of information systems at PT. Tiki Jalur Nugraha Ekakurir. Conclusion that we provide is the information system controls the delivery of goods at PT. Tiki Jalur Nugraha Ekakurir been running well, but there are still some weaknesses in the control system, we therefore suggest improvements in control systems enhance delivery of information in support of business objectives. Key words: Control, Delivery, Evaluation, Information, System

15

1. Introduction
1.1 Background At this time of information technology is one of the main support in daily activities in all areas. Grant, G. L, JD, Royle M. T. (2011). "Information technology to the success of Organizations, the vast majority conclude the IT That can not be considered a source of sustained competitive advantage. Nevertheless, the literature sets forth numerous examples of IT facilitating innovation, improving efficiency, and exhibiting other characteristics are established indicators of That sustained competitive advantage ". Citations to the journal concluded that information technology as a source of success in the organization and serve as indicators of sustainable competitive advantage. With the development of information technology today, the triggering of fraud, crime in the use of information technology within the company to incur losses, so that the necessary auditing techniques to control and ensure that information systems are in accordance with the objectives and procedures in the statement of organisations. According to Ramanathan, J., et al (2007) "Auditing is the process of maintaining detailed, secure records of critical activities in a business environment. Such records are referred to as audit logs. The critical activities recorded could be related to the security, content management, business transactions and so on. critical security-related activities That Could be audited include login failures, unauthorized access to protected resources, modification of security policy, noncompliance with a specified security policy, and the status of security servers". The weakness is usually found in the data transmission is how the company handles delivery of information systems. Due to various types of goods that go into a company with 16

limited time and errors of human resources (human error) that there are so may lead to the possible risks that occur. Which could interfere with the company's operations that impact on the late delivery of goods or goods not up to the destination or loss of goods. Therefore, it is necessary to evaluate the weaknesses and risks in information systems delivery at PT. Tiki Jalur Nugraha Ekakurir using COBIT approach, as described by Cereola, SJ, R. Cereola J (2011) "The COBIT framework related to each of the four domains identified below, perform a robust risk assessment identifying any internal control issues related to the use of information technology. Next, classify each internal control issues as a strength or weakness, and then, for each weakness, asses its risk as high, moderate, or low (high risk occurs when a company does not have any corrective actions in place when a key internal control weakness is found, and the company suffers a substantial loss as a result, moderate risks occur when an internal control weakness is found and the company does not have any corrective actions in a place, however, only minor losses may occur as a result and a low risk occur when an internal control weakness is found and is considered a control deficiency)". These things into the background gathering information about the system of delivery of information directly or indirectly to the PT. Tiki Jalur Nugraha Ekakurir, a company engaged in freight. Then the analysis and discussion are set forth the title "Evaluation of Control Delivery Systems PT. Tiki Jalur Nugraha Ekakurir". 1.2 Scope Because of the breadth of information systems applied in the PT. Tiki Jalur Nugraha Ekakurir it to better guide this thesis, as required limits the scope related to :

17

1. Evaluation that we do focus on delivery of information systems in the PT. Tiki Jalur Nugraha Ekakurir particular procedures that run outbound and inbound. 2. 4 domain COBIT version 4.1: Plan and Organize, Acquire and Implement, Delivery and Support, and Monitor and Evaluate.

1.3 Research Purposes The purpose of the research conducted are : a. To find and evaluate information delivery system that runs on the PT. Tiki Jalur Nugraha Ekakurir. b. To identify the weakness associated with the delivery system that runs on the PT. Tiki Jalur Nugraha Ekakurir. c. Provide recommendations and suggestions for improving the existing weaknesses in the delivery system that runs on the PT. Tiki Jalur Nugraha Ekakurir.

2. General Guidelines
Research methods for data collection are as follows : 1. Literature Study Research methodology by studying books and other written materials related to the writing of this thesis. 2. Field Study Research methods to conduct the review directly to the company concerned. Research methods used include : 18

a. Observation The data was collected by approaching the company directly and make the observation of the operation and use of information systems delivery PT. Tiki Jalur Nugraha Ekakurir. b. Interview Done by holding a question and answer directly to the relevant parties to obtain a general picture about the company and the problems associated with the discussion of this thesis. c. Check List Done by providing a list of questions used to evaluate the existing system of delivery of goods at PT. Tiki Jalur Nugraha Ekakurir based on COBIT 4.1. d. Documentation Study Examining documents relating to the delivery of information systems at PT. Tiki Jalur Nugraha Ekakurir.

3. Results and Discussions


Evaluation of information systems delivery at PT. Tiki Jalur Nugraha Ekakurir using COBIT approach consisting of four domains as follows :

3.1 Plan and Organize


These include the identification and discussion of investment strategies that provide the best IT to support business goals. Further identification and strategic vision needs to be planned, communicated, and managed implementation (from various perspectives). 19

Where in the PT. Tiki Jalur Nugraha Ekakurir obtained findings are: The company has had a good integration between the delivery and implementation of IT within the company so that the delivery goes well in accordance with company standard operating procedures, the Company has had a good tactical planning for IT, the Company has had the management of existing procedures to ensure the integrity and consistency of data, the Company has made plans to analyze, select and use appropriate technology to support business process delivery, the Company has a framework of IT processes in running its IT strategic planning, the Company has the executive committee in charge of IT oversee the continuity of the delivery system of the company and resolve problems with outsiders, the Company had engaged in monitoring the IT function and ensure each staff perform duties and responsibilities in accordance with their respective authority.

3.2 Acquire and Implement


That is to realize the IT strategy, IT needs to be set, are identified, developed, or implemented in an integrated enterprise business processes. That is to realize the IT strategy, IT needs to be set, are identified, where the PT. Tiki Jalur Nugraha Ekakurir obtained findings are : The company has been performing maintenance functions of business and technical requirements to business objectives expected by the company, the Company has had an application of security procedures that have been implemented to meet business objectives, the Company already has a plan for implementation and maintenance IT infrastructure that meets business needs, has been the protection of the resource availability of infrastructure hardware and software companies, the 20

Company has the knowledge and skills transfer to end users in using the system effectively and efficiently in support of the shipping companies, the Company has made provision of knowledge and skills to enable operations and technical staff capable of delivering, supporting and maintaining the system effectively and efficiently.

3.3 Delivery and Support


Domain which is more focused on the size of the aspects of IT support for business operations (the actual IT service or service level) and aspects of the order (priority for implementation and training). Where in the PT. Tiki Jalur Nugraha Ekakurir findings obtained as follows: The Company has established an agreement to all information technology services based on customer needs and capabilities of information technology, the Company has assessed the performance and capacity of information technology resources to determine whether the capacity and performance can improve the delivery company, Company been watching and reporting on process performance and capacity of information technology resources to determine whether it reached its intended purpose, the Company has entered into an ongoing maintenance plan for information technology to ensure the system is effective and relevant for the company, the overall IT security planning has been applied in accordance with existing standards and procedures, the Company has identified education and training to system users that are tailored to the enterprise system implementation, procedures about the storage and archiving of data has been implemented well in the company.

21

3.4 Monitor and Evaluate


That is all the IT processes that need to be evaluated regularly so that the quality and IT support goals achieved, and completeness of internal control is based on good terms. Where in the PT. Tiki Jalur Nugraha Ekakurir findings obtained as follows: The Company has established and implemented measures to control in defining the scope, techniques and processes to measure the contribution of IT solutions and IT companies in the shipping process, the Company has established a method of monitoring the achievement of IT maximum to establish compliance procedures and monitoring companies, companies take remedial action on monitoring performance, achievement and results reporting, the Company is constantly monitoring and developing the information technology control environment and control framework of the company's business objectives, the Company has conducted an evaluation of completeness and effectiveness of management and control policies by the management of information technology-related, the Company has established risk management arising from the use of IT in the delivery process of the company.

4. Conclusion
Below are some of the conclusions obtained based on the evaluation of information systems control the transmission PT. Tiki Jalur Nugraha Ekakurir, it can be concluded as follows: 1. Basically the information system controls the delivery of goods at PT. Tiki Jalur Nugraha Ekakurir been running well, but there are still some weaknesses in the control system such as: Companies do not have a data dictionary that is used as a 22

guide for accessing data in the delivery system, and can be used to exchange data delivery, the Company has not made at regular intervals to monitor the activities to the development of technology and business enterprise, the Company does not have the IT strategic committee that can assist in ensuring the provision of IT in line with corporate objectives, the Company has not made regular evaluation to ensure that information technology has considerable IT resources to support the company's business objectives, the Company has not established structure of coordination and communication among staff and optimal IT functions based on policies and procedures have been specified. 2. On evaluation of the domain DS5.1, the Company has not managing IT security to protect data transmission that can result in duplication of data transmission is performed by company employees so that data transmission can be spread to a competitor company. 3. On evaluation of the domain ME3.2, the Company has not made a review of standard policies, procedures, and methodologies that ensure the legality of information technology, regulatory, and contractual requirements with external parties.

References
Arens, Alvin A. Loebbecke, James K. (2003). Auditing : Pendekatan Terpadu. Jilid 1. Terjemahan Amir Abadi Jusuf, SE. MAcc. Salemba 4, Jakarta. Basalamah, A. S. (2011). Auditing PDE Dengan Standar IAI Edisi 5. Depok: Usaha 23

Kami.

24

Brand, Koen & Boonen, Harry. (2005). IT Governance Based on Cobit 4.1 : Management Guide. UK: Van Haren Publishing. Cannon, David L. (2011). CISA Certified Information Systems Auditor Study Guide. Indiana : Wiley Publishing, Inc. Cascarino, Richard E (2007). Auditors Guide to Information System Auditing. John Wiley & Sons, Inc, New Jersey. Cereola, S.J.,& Cereola R. J (2011). Breach of data at TJX: An instructional case used to studey COSO and COBIT, with a focus on computer controls, data security, and privacy legislation. Issues in Accounting Education, 26(3), 521-521-545. Retrieved from
http://search.proquest.com/docview/889136050?accountid=31532,

11

Oktober

2011. Connolly, Thomas and Begg, Carolyn. (2005). Database Systems : A practical Approach to design, Implementation, And Management. Fourth Edition. Addison Wesley, USA. Connoly, Thomas, Begg, Carolyn. (2002). E-Business and E-CommerceInfrasture: Technologies Supporting the E-Business Initiative. The Mcgraw-Hill Companies, Inc. New York Gelinas, Jr., Ulric J., Dull, Richard B. (2010). Accounting Information Systems, 8th Edition.South-Western Cengage Learning. Gondodiyoto, Sanyoto. (2007). Audit Sistem Informasi + Pendekatan CobIT. Edisi Revisi. Mitra Wacana Media, Jakarta. 25

Grant, G. L., JD., & Royle, M. T. (2011). Information technology and its role in creating sustainable competitive advantage. Journal of international management studies, 6(1), 1-1-7. Retrieved from
http://search.proquest.com/docview/867910311?

accountid=31532, 11 Oktober

2011. Husni, Setiabudi, H , et al. (2010). Evaluasi Pengendalian Sistem Informasi Penjualan pada PT.XYZ. Comtech (vol 1, no.2). Jakarta : Redaksi Jurnal ComTech. Inmon, W.H. (2005). Building the Data Warehouse Toolkit. Fourth Edition. Wiley Publishing Inc., Indianapolis ISACA Standards (2010). IT Standards, Guidelines, and Tools and Techniques for Audit and Assurance and Control Professionals.USA
th

IT Governance Institute. (2007). COBIT 4.1 editon. Framework, Control Objectives. Management Guideline and Maturity Model, ITGI, USA. OBrien, James A, dan Marakas, George M. (2006). Management Information System. The McGraw-Hill Companies, Inc. New York Obrien, James A. & Marakas, George M.(2008). Management Information Systems, 8th edition.McGraw Hill International Edition, New York. Ramanathan, J., Cohen, R. J., Plassmann, E., & Ramamoorthy, K. (2007). Role of an auditing and reporting service in compliance management. IBM Systems Journal, 46(2), 305305-318. Retrieved froms http://search.proquest.com/docview/222424424? accountid=31532, 11 26

Oktober 2011.

27

Romney, Marshall, Steinbart, Paul. (2006). Accounting information system, 10th Edition. Pearson Prentice Hall. Sarno R (2009). Audit Sistem & Teknologi Informasi. ITS Press,Surabaya. Umar, Husein. (2005). Evaluasi Kinerja Perusahaan. Teknik Evaluasi Bisnis dan Kinerja Perusahaan secara Kompleks dan Modern. Pustaka Utama. Jakarta. Yunarto, Leun, Holly (2006). In sales and Distribution Management. PT. Elex Media Komputindo, Jakarta.

28