An IT governance audit is a way to evaluate the course of IT governance in an organization so that it can be seen Information technology plays a vital role in all sectors. One of the sectors that makes information technology the most important aspect to run the wheels of activity is the education sector. Each education sector has its standards in achieving the target to maximize each information technology system to support the sustainability of the education sector in Indonesia. To achieve a good level of information technology in the education sector, it is necessary to analyze risk management through an IT governance audit. This study will focus on conducting a risk management analysis process based on the 2019 COBIT framework standards by concentrating on the APO12 domain to generate a value from the capability level that can be used as a reference for analyzing risk management at XYZ College.

Berrada, H., Boutahar, J., & Houssaïni, S. E. G. El. 2021. Simplified IT Risk Management Maturity Audit System based on “COBIT 5 for Risk. International Journal of Advanced Computer Science and Applications, 12(8), 641–652. https://doi.org/10.14569/ijacsa.2021.0120875

E. Widilianie and A. D. Manuputty. 2019. Evaluasi Kinerja SI Project Management Menggunakan Framework Cobit 5 Subdomain MEA 01, J. SITECH Sist. Inf. dan Teknol., 2(1), 39–50. doi: 10.24176/sitech.v2i1.3160.

ISACA. 2018. COBIT 2019, The Capability Level Test, ISACA

Mustaqim, 2016, Metode Penelitian Gabungan Kuantitatif Kualitatif/Mixed Methods Suatu Pendekatan Alternatif, J. Intelegensia, 4(1), 1–9

S. Majid. 2019. Audit Tata Kelola Teknologi Informasi pada Dinas Komunikasi dan Informatika (Diskominfo) Kota Bandar Lampung Menggunakan Kerangka Kerja COBIT 4.1 Domain Plan and Organise dan Acquire and Implement, 2(9), 3425–3432. doi: 10.31219/osf.io/yuehf.