Issue

Vol. 10, No. 4, November 2025

Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.

Ambidextrous Blockchain Governance to Strengthen BankCo’s Digital Transformation through COBIT 2019 Traditional and DevOps

https://doi.org/10.22219/kinetik.v10i4.2361
Salsabill Nur Aisyah
Telkom University
Rahmat Mulyana
Stockholm University
Tien Fabrianti Kusumasari
Telkom University

Corresponding Author(s) : Salsabill Nur Aisyah

sabillnrsyh@gmail.com

Kinetik: Game Technology, Information System, Computer Network, Computing, Electronics, and Control, Vol. 10, No. 4, November 2025

Abstract

The adoption of blockchain in banking accelerates digital transformation by enhancing transparency and operational efficiency. However, it also brings with it governance issues pertaining to accountability, compliance, and system integrity within a highly regulated environment. This study addresses these challenges by developing a blockchain governance solution based on ambidextrous approach within COBIT 2019’s Traditional and DevOps Focus Areas. A governance model was built and evaluated through iterative steps. Until saturation was reached, information was gathered through key stakeholder interviews and checked with internal documentation such as yearly reports, risk frameworks, and policy records. The ambidextrous COBIT 2019 framework was used in the analysis for all seven governance components. Governance and Management Objectives (GMOs) were prioritized based on design factors, national regulations (POJK No.11/2022 and SOE Minister Regulation No.PER-2/MBU/03/2023), and insights from prior studies. APO12: Managed Risk was identified as the most prioritized GMO. A capability gap analysis revealed missing leadership roles, overlapping security responsibilities, and underdeveloped risk management practices. Recommendations include formalizing key governance roles and strengthening risk management process for blockchain and DevOps environments. These enhancements are expected to increase the maturity level of APO12 from 3.5 to 4.1, thereby improving BankCo’s risk management, compliance, and innovation capabilities. Ultimately, the findings contribute to continuous digital innovation by aligning risk management practices with strategic performance goals and adaptive control mechanisms rooted in emerging technology principles.

Keywords

Ambidextrous Blockchain Governance Digital Transformation COBIT 2019 DevOps APO12 Design Science Research Banking
Aisyah, S. N. ., Mulyana, R., & Kusumasari, T. F. (2025). Ambidextrous Blockchain Governance to Strengthen BankCo’s Digital Transformation through COBIT 2019 Traditional and DevOps. Kinetik: Game Technology, Information System, Computer Network, Computing, Electronics, and Control, 10(4). https://doi.org/10.22219/kinetik.v10i4.2361
Download Citation
Endnote/Zotero/Mendeley (RIS)
BibTeX
References
  1. D. Jabborova, D. Mamurova, K. K. Umurova, U. Ulasheva, S. X. Djalolova, and A. Khurramov, “Possibilities of Using Technologies in Digital Transformation of Sustanable Development,” E3S Web of Conferences, vol. 491, p. 01002, Feb. 2024. https://doi.org/10.1051/e3sconf/202449101002
  2. E. J. Omol, “Organizational digital transformation: from evolution to future trends,” Jul. 04, 2024, Emerald Publishing. https://doi.org/10.1108/DTS-08-2023-0061
  3. E. Ali Alqararah, M. Shehadeh, and H. Yaseen, “The Role of Digital Transformation Capabilities in Improving Banking Performance in Jordanian Commercial Banks,” Journal of Risk and Financial Management, vol. 18, no. 4, Apr. 2025. https://doi.org/10.3390/jrfm18040196
  4. T.-G. Budisteanu, “Blockchain and the Banking Sector: Benefits, Challenges and Perspectives,” Open J Soc Sci, vol. 13, no. 03, pp. 288–300, 2025. https://doi.org/10.4236/jss.2025.133019
  5. M. Javaid, A. Haleem, R. P. Singh, R. Suman, and S. Khan, “A review of Blockchain Technology applications for financial services,” Jul. 01, 2022, Elsevier B.V. https://doi.org/10.1016/j.tbench.2022.100073
  6. J. Park, S. Jeong, and K. Yeom, “Smart Contract Broker: Improving Smart Contract Reusability in a Blockchain Environment,” Sensors, vol. 23, no. 13, Jul. 2023. https://doi.org/10.3390/s23136149
  7. Dr. A. Muayad and M. Abumandil, “Role of Smart Contract Technology Blockchain Services in Finance and Banking Systems: Concept and Core Values,” SSRN Electronic Journal, 2022. https://dx.doi.org/10.2139/ssrn.4078566
  8. Rupali Gangarde, “Exploring the Role of Blockchain in Preventing Cyber Fraud in Financial Systems,” Computer Fraud and Security, pp. 123–130, Dec. 2024. https://doi.org/10.52710/cfs.81
  9. C. L. Reyes and J. P. Cutler, “Ready Layer One: Functional Regulation For Blockchain Infrastructure,” 2025. http://dx.doi.org/10.2139/ssrn.5145302
  10. H. A. Nahi et al., “Blockchain Network for Regulation Decentralized E-Government Systems,” Data and Metadata, vol. 4, Jan. 2025. https://doi.org/10.56294/dm2025201
  11. H. Mewha, “Blockchain Wakes: Balancing the Light and Dark Sides of Blockchain Through Global Regulation,” 2023. https://doi.org/10.1017/9781108609708.007
  12. S. Baertschi, L. Guenthardt, R. Sabani, and M. Krey, “A Method for the Adoption of DevOps in the Banking Industry,” in 2023 International Conference on Information Management (ICIM), IEEE, Mar. 2023, pp. 31–36. https://doi.org/10.1109/ICIM58774.2023.00012
  13. L. Lesavre, P. Varin, and D. Yaga, “Blockchain networks :Token Design and Management Overview,” Feb. 2024. https://doi.org/10.6028/NIST.IR.8301
  14. R. Mulyana, L. Rusu, and E. Perjons, “Key Ambidextrous IT Governance Mechanisms Influence on Key Ambidextrous IT Governance Mechanisms Influence,” in Proc. PACIS, 2024, 2024.
  15. ISACA, COBIT 2019 Framework: Introduction and Methodology. 2018.
  16. ISACA, “COBIT Focus Area: DevOps,” 2021.
  17. R. Mulyana, “IT Governance Influence on Digital Transformation, Ph.D. dissertation,” IEEE, Stockholm University, 2025.
  18. Achmad Fadhli Satriadi, R. Mulyana, and R. Fauzi, “Agile IT Service Management Design of Fintechco Digitalization Based on COBIT 2019 Devops Focus Area,” Jurnal Teknik Informatika (Jutif), vol. 4, no. 5, pp. 1165–1177, Oct. 2023. https://doi.org/10.52436/1.jutif.2023.4.5.1304
  19. OJK, “Peraturan Otoritas Jasa Keuangan Nomor 11/POJK.03/2022 Tahun 2022 tentang Penyelenggaraan Teknologi Informasi Oleh Bank Umum,” 2022.
  20. BUMN, “Peraturan Menteri Badan Usaha Milik Negara Nomor PER-2/MBU/03/2023 Tahun 2023 tentang Pedoman Tata Kelola dan Kegiatan Korporasi Signifikan Badan Usaha Milik Negara,” 2023. Accessed: Jul. 28, 2025.
  21. M. Safiullah and S. R. Paramati, “The impact of FinTech firms on bank financial stability,” Electronic Commerce Research, vol. 24, no. 1, pp. 453–475, Mar. 2024.
  22. S. Wang, M. Asif, M. F. Shahzad, and M. Ashfaq, “Data privacy and cybersecurity challenges in the digital transformation of the banking sector,” Comput Secur, vol. 147, p. 104051, Dec. 2024. https://doi.org/10.1016/j.cose.2024.104051
  23. F. Seyedjafarrangraz, C. De Fuentes, and M. Zhang, “Mapping the global regulatory terrain in digital banking: a longitudinal study across countries,” Digital Policy, Regulation and Governance, Nov. 2024.
  24. R. Mulyana, L. Rusu, and E. Perjons, “IT Governance Mechanisms Influence on Digital Transformation: A Systematic Literature Review,” AMCIS, 2021.
  25. R. Mulyana, L. Rusu, and E. Perjons, “How Hybrid IT Governance Mechanisms Influence Digital Transformation and Organizational Performance in the Banking and Insurance Industry of Indonesia,” Oct. 2023.
  26. R. Dhillon and P. Sivabalan, “Exploring dimensions of governance for different types of blockchain systems,” British Accounting Review, 2025.
  27. A. Joshi, L. Bollen, H. Hassink, S. De Haes, and W. Van Grembergen, “Explaining IT governance disclosure through the constructs of IT governance maturity and IT strategic role,” Information & Management, vol. 55, no. 3, pp. 368–380, Apr. 2018. https://doi.org/10.1016/j.im.2017.09.003
  28. N. H. A. Alnor et al., “The role of bank governance in managing the risks associated with banking institutions,” International Journal of Advanced and Applied Sciences, vol. 11, no. 4, pp. 194–206, Apr. 2024. https://doi.org/10.21833/ijaas.2024.04.021
  29. M. M. Ibrahimy, A. Norta, and P. Normak, “Blockchain-based governance models supporting corruption-transparency: A systematic literature review,” Jun. 01, 2024, Zhejiang University. https://doi.org/10.1016/j.bcra.2023.100186
  30. ISACA, COBIT 2019 Design guide designing an information and technology governance solution. 2018.
  31. K. Leonardo and R. Latuperissa, “Information Technology Governance Design in Trading Companies Using the COBIT 2019 Framework,” Journal of Information Systems and Informatics, vol. 6, no. 3, pp. 1466–1483, Sep. 2024. https://doi.org/10.51519/journalisi.v6i3.798
  32. A. Alić, A. Traljić, and D. Đonko, “Methodology for Evaluating the Impact of DevOps Principles,” in 2025 24th International Symposium INFOTEH-JAHORINA (INFOTEH), IEEE, Mar. 2025, pp. 1–6. https://doi.org/10.1109/INFOTEH64129.2025.10959292
  33. Y. Alam, S. N. Azizah, and C. Caroline, “Digital Transformation in Banking Management: Optimizing Operational Efficiency and Enhancing Customer Experience,” International Journal of Management Science and Information Technology, vol. 5, no. 1, pp. 46–55, Jan. 2025. https://doi.org/10.35870/ijmsit.v5i1.3646
  34. R. Mulyana, L. Rusu, and E. Perjons, “Key ambidextrous IT governance mechanisms for successful digital transformation: A case study of Bank Rakyat Indonesia (BRI),” Digital Business, vol. 4, no. 2, Dec. 2024. https://doi.org/10.1016/j.digbus.2024.100083
  35. Project Management Institute, A Guide to the Project Management Body of Knowledge (PMBOK® Guide) - Seventh Edition and the Standard for Project Management. Project Management Institute, 2021.
  36. A. R. Hevner, S. T. March, J. Park, and S. Ram, “Design Science in Information Systems Research 1,” 2004. https://doi.org/10.2307/25148625
  37. P. Johannesson and E. Perjons, An Introduction to Design Science. Cham: Springer International Publishing, 2014. https://doi.org/10.1007/978-3-319-10632-8
  38. R. Yin, “How to do Better Case Studies: (With Illustrations from 20 Exemplary Case Studies),” in The SAGE Handbook of Applied Social Research Methods, 2455 Teller Road, Thousand Oaks California 91320 United States : SAGE Publications, Inc., 2009, pp. 254–282. https://doi.org/10.4135/9781483348858.n8
  39. A. K. Shenton, “Strategies for ensuring trustworthiness in qualitative research projects,” Education for Information, vol. 22, no. 2, pp. 63–75, Jul. 2004. https://doi.org/10.3233/EFI-2004-22201
  40. P. Fusch and L. Ness, “Are We There Yet? Data Saturation in Qualitative Research,” The Qualitative Report, Sep. 2015. https://doi.org/10.46743/2160-3715/2015.2281
  41. ISACA, COBIT Focus Area: DevOps Using COBIT 2019. 2021
  42. ISACA, COBIT 2019 Framework Governance and Management Objectives. 2019. Accessed: Mar. 10, 2025
  43. G. Laatikainen, M. Li, and P. Abrahamsson, “A system-based view of blockchain governance,” Inf Softw Technol, vol. 157, May 2023. https://doi.org/10.1016/j.infsof.2023.107149
  44. R. van Pelt, S. Jansen, D. Baars, and S. Overbeek, “Defining Blockchain Governance: A Framework for Analysis and Comparison,” Information Systems Management, vol. 38, no. 1, pp. 21–41, 2021. https://doi.org/10.1080/10580530.2020.1720046
  45. E. Tan, S. Mahula, and J. Crompvoets, “Blockchain governance in the public sector: A conceptual framework for public management,” Gov Inf Q, vol. 39, no. 1, Jan. 2022. https://doi.org/10.1016/j.giq.2021.101625
  46. Project Management Institute, A Guide to the Project Management Body of Knowledge (PMBOK® Guide) – Seventh Edition and The Standard for Project Management, 7th ed. 2021. Accessed: Jun. 06, 2025.
  47. C. E. Otero, L. D. Otero, I. Weissberger, and A. Qureshi, “A Multi-criteria Decision Making Approach for Resource Allocation in Software Engineering,” in 2010 12th International Conference on Computer Modelling and Simulation, IEEE, 2010, pp. 137–141. https://doi.org/10.1109/UKSIM.2010.32
  48. F. Marle and T. Gidel, “A multi-criteria decision-making process for project risk management method selection,” International Journal of Multicriteria Decision Making, vol. 2, no. 2, p. 189, 2012. https://doi.org/10.1504/IJMCDM.2012.046948
Read More
Author biographies is not available.
Download this PDF file
PDF
Statistic
Read Counter : 0 Download : 0

Downloads

Download data is not yet available.