Information Technology Asset Security Risk Management at the Secretariat of the Salatiga City DPRD Using ISO 31000

Authors

  • Margaretha Ayuningtyas Satya Wacana Christian University, Indonesia
  • Penidas Fiodinggo Tanaem Satya Wacana Christian University, Indonesia
Pages Icon

DOI:

https://doi.org/10.51519/journalisi.v4i1.225

Keywords:

IT Asset Security, ISO 31000, Risk Management, Risk Assessment

Abstract

The lack of resources that have an information technology background in handling information technology asset security risks makes it asset management in the Secretariat of the Salatiga City DPRD less  optimal. The application of risk management is very necessary, especially in the security of information technology assets in agencies because it can help all existing business process activities in agencies so that they can run well. For this reason, it is necessary to implement information technology asset security risk management using ISO 31000 in these agencies. By implementing the ISO 31000 framework at the Secretariat of the Dprd Kota Salatiga can assist agencies in achieving goals, making decisions, improving performance, and effectively allocating and using resources for risk management.  The purpose of this study is to identify, analyze, and handle information technology security risks that exist in the Secretariat of the Salatiga City DPRD. The method used by this research is a qualitative approach, namely case study. The result of this study is that there are 20 possible risks that can interfere with business processes in the Secretariat of the Salatiga City DPRD, including 3 possible high-level risks, 12 possible medium-level risks, and 5 possible low-level risks.

Downloads

Download data is not yet available.

References

E. Purwanto, “Keamanan Informasi,” www.bpptik.kominfo.go.id, 2014. https://bpptik.kominfo.go.id/2014/03/24/404/keamanan-informasi/.

J. Ecleas, “Analisis Manajemen Risiko Teknologi Informasi Software PEGA Menggunakan ISO 31000,” JATISI (Jurnal Tek. Inform. dan Sist. Informasi), vol. 8, no. 1, pp. 209–224, 2021, doi: 10.35957/jatisi.v8i1.601.

R. V. I. Francisca Lady Nice, “Analisis Risiko Teknologi Informasi pada Lembaga Penerbangan dan Antariksa Nasional (LAPAN) pada Website SWIFTS Menggunakan ISO 31000,” Juisi, vol. 2, no. 2, pp. 1689–1699, 2016.

G. Mochammad Husein and R. V. Imbar, “Analisis Manajemen Risiko Teknologi Informasi Penerapan Pada Document Management System di PT. JABAR TELEMATIKA (JATEL),” J. Tek. Inform. dan Sist. Inf., vol. 1, no. 2, pp. 75–87, 2015, doi: 10.28932/jutisi.v1i2.368.

Y. N. Qintharah, “Perancangan Penerapan Manajemen Risiko,” JRAK J. Ris. Akunt. dan Komputerisasi Akunt., vol. 10, no. 1, pp. 67–86, 2019, doi: 10.33558/jrak.v10i1.1645.

K. B. Mahardika, A. F. Wijaya, and A. D. Cahyono, “Manajemen Risiko Teknologi Informasi Menggunakan Iso 31000 : 2018 (Studi Kasus: Cv. Xy),” Sebatik, vol. 23, no. 1, pp. 277–284, 2019, doi: 10.46984/sebatik.v23i1.572.

H. T. I. Driantami, Suprapto, and A. R. Perdanakusuma, “Analisis Risiko Teknologi Informasi Menggunakan ISO 31000 ( Studi kasus : Sistem Penjualan PT Matahari Department Store Cabang Malang Town Square ),” J. Pengemb. Teknol. Inf. dan Ilmu Komput., vol. 2, no. 11, pp. 4991–4998, 2018.

S. Agustinus, A. Nugroho, and A. D. Cahyono, “Analisis Risiko Teknologi Informasi Menggunakan ISO 31000 pada Program HRMS,” J. RESTI (Rekayasa Sist. dan Teknol. Informasi), vol. 1, no. 3, pp. 250–258, 2017, doi: 10.29207/resti.v1i3.94.

R. M. Candra, Y. N. Sari, I. Iskandar, and F. Yanto, “Sistem Manajamen Risiko Keamanan Aset Teknologi Informasi Menggunakan ISO 31000 : 2018,” J. CoreIT, vol. 5, no. 1, pp. 19–28, 2019.

D. L. Ramadhan, R. Febriansyah, and R. S. Dewi, “Analisis Manajemen Risiko Menggunakan ISO 31000 pada Smart Canteen SMA XYZ,” JURIKOM (Jurnal Ris. Komputer), vol. 7, no. 1, p. 91, 2020, doi: 10.30865/jurikom.v7i1.1791.

B. Wijayantini, “Model Pendekatan Manajemen Risiko,” Jeam, vol. XI, no. 2, pp. 57–64, 2012.

R. H. Pangestu, A. D. Cahyono, and P. F. Tanaem, “Analisis Manajemen Resiko Aplikasi SIPP di Pengadilan Negeri Salatiga Kelas 1B Mengunakan ISO 31000,” J. Comput. Inf. Syst. Ampera, vol. 2, no. 1, pp. 43–57, 2021, doi: 10.51519/journalcisa.v2i1.59.

L. D. Berliana and A. R. Tanamaah, “Analisis Risiko dengan Metode ISO 31000 pada Disperinnaker Kota Salatiga Bidang Industri,” JATISI (Jurnal Tek. Inform. dan Sist. Informasi), vol. 8, no. 3, pp. 1105–1118, 2021, doi: 10.35957/jatisi.v8i3.1037.

L. Mahadewi, “Proses Manajemen Risiko,” https://swa.co.id/swa/my-article/proses-manajemen-risiko, 2017. https://swa.co.id/swa/my-article/proses-manajemen-risiko.

Nabilatul Fanny and Anindiya Soviani, “Analisis Manajemen Risiko Di Ruang Filing RSUD dr Soediran Mangun Sumarso Wonogiri Tahun 2020,” Infokes J. Ilm. Rekam Medis dan Inform. Kesehat., vol. 10, no. 2, pp. 12–19, 2020, doi: 10.47701/infokes.v10i2.1027.

Downloads

Published

2022-03-25

Issue

Vol. 4 No. 1 (2022): Journal of Information Systems and Informatics

Section

Articles

License

Authors Declaration

  1. The Authors certify that they have read, understood, and agreed to the Journal of Information Systems and Informatics (JournalISI) submission guidelines, policies, and submission declaration. The submission has been prepared using the provided template.
  2. The Authors certify that all authors have approved the publication of this manuscript and that there is no conflict of interest.
  3. The Authors confirm that the manuscript is their original work, has not received prior publication, is not under consideration for publication elsewhere, and has not been previously published.
  4. The Authors confirm that all authors listed on the title page have contributed significantly to the work, have read the manuscript, attest to the validity and legitimacy of the data and its interpretation, and agree to its submission.
  5. The Authors confirm that the manuscript is not copied from or plagiarized from any other published work.
  6. The Authors declare that the manuscript will not be submitted for publication in any other journal or magazine until a decision is made by the journal editors.
  7. If the manuscript is finally accepted for publication, the Authors confirm that they will either proceed with publication immediately or withdraw the manuscript in accordance with the journal’s withdrawal policies.
  8. The Authors agree that, upon publication of the manuscript in this journal, they transfer copyright or assign exclusive rights to the publisher, including commercial rights

How to Cite

[1]
M. Ayuningtyas and P. F. Tanaem, “Information Technology Asset Security Risk Management at the Secretariat of the Salatiga City DPRD Using ISO 31000”, journalisi, vol. 4, no. 1, pp. 92–105, Mar. 2022, doi: 10.51519/journalisi.v4i1.225.

Most read articles by the same author(s)