Information Technology Asset Security Risk Management at the Secretariat of the Salatiga City DPRD Using ISO 31000

  • Margaretha Ayuningtyas Universitas Kristen Satya Wacana
  • Penidas Fiodinggo Tanaem Universitas Kristen Satya Wacana
Keywords: IT Asset Security, ISO 31000, Risk Management, Risk Assessment

Abstract

The lack of resources that have an information technology background in handling information technology asset security risks makes it asset management in the Secretariat of the Salatiga City DPRD less  optimal. The application of risk management is very necessary, especially in the security of information technology assets in agencies because it can help all existing business process activities in agencies so that they can run well. For this reason, it is necessary to implement information technology asset security risk management using ISO 31000 in these agencies. By implementing the ISO 31000 framework at the Secretariat of the Dprd Kota Salatiga can assist agencies in achieving goals, making decisions, improving performance, and effectively allocating and using resources for risk management.  The purpose of this study is to identify, analyze, and handle information technology security risks that exist in the Secretariat of the Salatiga City DPRD. The method used by this research is a qualitative approach, namely case study. The result of this study is that there are 20 possible risks that can interfere with business processes in the Secretariat of the Salatiga City DPRD, including 3 possible high-level risks, 12 possible medium-level risks, and 5 possible low-level risks.

Downloads

Download data is not yet available.

References

E. Purwanto, “Keamanan Informasi,” www.bpptik.kominfo.go.id, 2014. https://bpptik.kominfo.go.id/2014/03/24/404/keamanan-informasi/.

J. Ecleas, “Analisis Manajemen Risiko Teknologi Informasi Software PEGA Menggunakan ISO 31000,” JATISI (Jurnal Tek. Inform. dan Sist. Informasi), vol. 8, no. 1, pp. 209–224, 2021, doi: 10.35957/jatisi.v8i1.601.

R. V. I. Francisca Lady Nice, “Analisis Risiko Teknologi Informasi pada Lembaga Penerbangan dan Antariksa Nasional (LAPAN) pada Website SWIFTS Menggunakan ISO 31000,” Juisi, vol. 2, no. 2, pp. 1689–1699, 2016.

G. Mochammad Husein and R. V. Imbar, “Analisis Manajemen Risiko Teknologi Informasi Penerapan Pada Document Management System di PT. JABAR TELEMATIKA (JATEL),” J. Tek. Inform. dan Sist. Inf., vol. 1, no. 2, pp. 75–87, 2015, doi: 10.28932/jutisi.v1i2.368.

Y. N. Qintharah, “Perancangan Penerapan Manajemen Risiko,” JRAK J. Ris. Akunt. dan Komputerisasi Akunt., vol. 10, no. 1, pp. 67–86, 2019, doi: 10.33558/jrak.v10i1.1645.

K. B. Mahardika, A. F. Wijaya, and A. D. Cahyono, “Manajemen Risiko Teknologi Informasi Menggunakan Iso 31000 : 2018 (Studi Kasus: Cv. Xy),” Sebatik, vol. 23, no. 1, pp. 277–284, 2019, doi: 10.46984/sebatik.v23i1.572.

H. T. I. Driantami, Suprapto, and A. R. Perdanakusuma, “Analisis Risiko Teknologi Informasi Menggunakan ISO 31000 ( Studi kasus : Sistem Penjualan PT Matahari Department Store Cabang Malang Town Square ),” J. Pengemb. Teknol. Inf. dan Ilmu Komput., vol. 2, no. 11, pp. 4991–4998, 2018.

S. Agustinus, A. Nugroho, and A. D. Cahyono, “Analisis Risiko Teknologi Informasi Menggunakan ISO 31000 pada Program HRMS,” J. RESTI (Rekayasa Sist. dan Teknol. Informasi), vol. 1, no. 3, pp. 250–258, 2017, doi: 10.29207/resti.v1i3.94.

R. M. Candra, Y. N. Sari, I. Iskandar, and F. Yanto, “Sistem Manajamen Risiko Keamanan Aset Teknologi Informasi Menggunakan ISO 31000 : 2018,” J. CoreIT, vol. 5, no. 1, pp. 19–28, 2019.

D. L. Ramadhan, R. Febriansyah, and R. S. Dewi, “Analisis Manajemen Risiko Menggunakan ISO 31000 pada Smart Canteen SMA XYZ,” JURIKOM (Jurnal Ris. Komputer), vol. 7, no. 1, p. 91, 2020, doi: 10.30865/jurikom.v7i1.1791.

B. Wijayantini, “Model Pendekatan Manajemen Risiko,” Jeam, vol. XI, no. 2, pp. 57–64, 2012.

R. H. Pangestu, A. D. Cahyono, and P. F. Tanaem, “Analisis Manajemen Resiko Aplikasi SIPP di Pengadilan Negeri Salatiga Kelas 1B Mengunakan ISO 31000,” J. Comput. Inf. Syst. Ampera, vol. 2, no. 1, pp. 43–57, 2021, doi: 10.51519/journalcisa.v2i1.59.

L. D. Berliana and A. R. Tanamaah, “Analisis Risiko dengan Metode ISO 31000 pada Disperinnaker Kota Salatiga Bidang Industri,” JATISI (Jurnal Tek. Inform. dan Sist. Informasi), vol. 8, no. 3, pp. 1105–1118, 2021, doi: 10.35957/jatisi.v8i3.1037.

L. Mahadewi, “Proses Manajemen Risiko,” https://swa.co.id/swa/my-article/proses-manajemen-risiko, 2017. https://swa.co.id/swa/my-article/proses-manajemen-risiko.

Nabilatul Fanny and Anindiya Soviani, “Analisis Manajemen Risiko Di Ruang Filing RSUD dr Soediran Mangun Sumarso Wonogiri Tahun 2020,” Infokes J. Ilm. Rekam Medis dan Inform. Kesehat., vol. 10, no. 2, pp. 12–19, 2020, doi: 10.47701/infokes.v10i2.1027.

Published
2022-03-25
Abstract views: 251 times
Download PDF: 146 times
How to Cite
Ayuningtyas, M., & Tanaem, P. (2022). Information Technology Asset Security Risk Management at the Secretariat of the Salatiga City DPRD Using ISO 31000. Journal of Information Systems and Informatics, 4(1), 92-105. https://doi.org/10.51519/journalisi.v4i1.225