Information Technology Audit at PT. Telekomunikasi Indonesia Tbk. Based on COBIT, ISO 31000, and COSO

Information technology (IT) has become critical to business operations in the digital age, driving competitive advantage and organizational efficiency. However, as reliance on IT increases, so do the risks associated with IT management. Effective IT auditing is essential to ensure alignment with business objectives, regulatory compliance, and risk mitigation. This paper presents an IT audit framework for PT. Telekomunikasi Indonesia Tbk., using established standards and frameworks: COBIT, ISO 31000, and COSO ERM (Enterprise Risk Management) framework. We analyze how these frameworks can collectively support a robust IT audit process and evaluate their applicability in managing IT-related risks at Telkom Indonesia. By using case studies, we examine how COBIT, ISO 31000, and COSO contribute to a holistic audit approach, emphasizing risk management, control processes, and regulatory compliance. Our findings demonstrate that integrating these frameworks enhances Telkom’s ability to identify, mitigate, and control IT risks, thus fostering improved corporate governance and resilience.