Information Technology Asset Security Risk Management at the Secretariat of the Salatiga City DPRD Using ISO 31000
Abstract
The lack of resources that have an information technology background in handling information technology asset security risks makes it asset management in the Secretariat of the Salatiga City DPRD less optimal. The application of risk management is very necessary, especially in the security of information technology assets in agencies because it can help all existing business process activities in agencies so that they can run well. For this reason, it is necessary to implement information technology asset security risk management using ISO 31000 in these agencies. By implementing the ISO 31000 framework at the Secretariat of the Dprd Kota Salatiga can assist agencies in achieving goals, making decisions, improving performance, and effectively allocating and using resources for risk management. The purpose of this study is to identify, analyze, and handle information technology security risks that exist in the Secretariat of the Salatiga City DPRD. The method used by this research is a qualitative approach, namely case study. The result of this study is that there are 20 possible risks that can interfere with business processes in the Secretariat of the Salatiga City DPRD, including 3 possible high-level risks, 12 possible medium-level risks, and 5 possible low-level risks.
Downloads
References
E. Purwanto, “Keamanan Informasi,” www.bpptik.kominfo.go.id, 2014. https://bpptik.kominfo.go.id/2014/03/24/404/keamanan-informasi/.
J. Ecleas, “Analisis Manajemen Risiko Teknologi Informasi Software PEGA Menggunakan ISO 31000,” JATISI (Jurnal Tek. Inform. dan Sist. Informasi), vol. 8, no. 1, pp. 209–224, 2021, doi: 10.35957/jatisi.v8i1.601.
R. V. I. Francisca Lady Nice, “Analisis Risiko Teknologi Informasi pada Lembaga Penerbangan dan Antariksa Nasional (LAPAN) pada Website SWIFTS Menggunakan ISO 31000,” Juisi, vol. 2, no. 2, pp. 1689–1699, 2016.
G. Mochammad Husein and R. V. Imbar, “Analisis Manajemen Risiko Teknologi Informasi Penerapan Pada Document Management System di PT. JABAR TELEMATIKA (JATEL),” J. Tek. Inform. dan Sist. Inf., vol. 1, no. 2, pp. 75–87, 2015, doi: 10.28932/jutisi.v1i2.368.
Y. N. Qintharah, “Perancangan Penerapan Manajemen Risiko,” JRAK J. Ris. Akunt. dan Komputerisasi Akunt., vol. 10, no. 1, pp. 67–86, 2019, doi: 10.33558/jrak.v10i1.1645.
K. B. Mahardika, A. F. Wijaya, and A. D. Cahyono, “Manajemen Risiko Teknologi Informasi Menggunakan Iso 31000 : 2018 (Studi Kasus: Cv. Xy),” Sebatik, vol. 23, no. 1, pp. 277–284, 2019, doi: 10.46984/sebatik.v23i1.572.
H. T. I. Driantami, Suprapto, and A. R. Perdanakusuma, “Analisis Risiko Teknologi Informasi Menggunakan ISO 31000 ( Studi kasus : Sistem Penjualan PT Matahari Department Store Cabang Malang Town Square ),” J. Pengemb. Teknol. Inf. dan Ilmu Komput., vol. 2, no. 11, pp. 4991–4998, 2018.
S. Agustinus, A. Nugroho, and A. D. Cahyono, “Analisis Risiko Teknologi Informasi Menggunakan ISO 31000 pada Program HRMS,” J. RESTI (Rekayasa Sist. dan Teknol. Informasi), vol. 1, no. 3, pp. 250–258, 2017, doi: 10.29207/resti.v1i3.94.
R. M. Candra, Y. N. Sari, I. Iskandar, and F. Yanto, “Sistem Manajamen Risiko Keamanan Aset Teknologi Informasi Menggunakan ISO 31000 : 2018,” J. CoreIT, vol. 5, no. 1, pp. 19–28, 2019.
D. L. Ramadhan, R. Febriansyah, and R. S. Dewi, “Analisis Manajemen Risiko Menggunakan ISO 31000 pada Smart Canteen SMA XYZ,” JURIKOM (Jurnal Ris. Komputer), vol. 7, no. 1, p. 91, 2020, doi: 10.30865/jurikom.v7i1.1791.
B. Wijayantini, “Model Pendekatan Manajemen Risiko,” Jeam, vol. XI, no. 2, pp. 57–64, 2012.
R. H. Pangestu, A. D. Cahyono, and P. F. Tanaem, “Analisis Manajemen Resiko Aplikasi SIPP di Pengadilan Negeri Salatiga Kelas 1B Mengunakan ISO 31000,” J. Comput. Inf. Syst. Ampera, vol. 2, no. 1, pp. 43–57, 2021, doi: 10.51519/journalcisa.v2i1.59.
L. D. Berliana and A. R. Tanamaah, “Analisis Risiko dengan Metode ISO 31000 pada Disperinnaker Kota Salatiga Bidang Industri,” JATISI (Jurnal Tek. Inform. dan Sist. Informasi), vol. 8, no. 3, pp. 1105–1118, 2021, doi: 10.35957/jatisi.v8i3.1037.
L. Mahadewi, “Proses Manajemen Risiko,” https://swa.co.id/swa/my-article/proses-manajemen-risiko, 2017. https://swa.co.id/swa/my-article/proses-manajemen-risiko.
Nabilatul Fanny and Anindiya Soviani, “Analisis Manajemen Risiko Di Ruang Filing RSUD dr Soediran Mangun Sumarso Wonogiri Tahun 2020,” Infokes J. Ilm. Rekam Medis dan Inform. Kesehat., vol. 10, no. 2, pp. 12–19, 2020, doi: 10.47701/infokes.v10i2.1027.
Abstract views: 251 times
Download PDF: 146 times
- I certify that I have read, understand and agreed to the Journal of Information System and Informatics submission guidelines, policies and submission declaration. Submission already using the provided template.
- I certify that all authors have approved the publication of this and there is no conflict of interest.
- I confirm that the manuscript is the authors' original work and the manuscript has not received prior publication and is not under consideration for publication elsewhere and has not been previously published.
- I confirm that all authors listed on the title page have contributed significantly to the work, have read the manuscript, attest to the validity and legitimacy of the data and its interpretation, and agree to its submission.
- I confirm that the paper now submitted is not copied or plagiarized version of some other published work.
- I declare that I shall not submit the paper for publication in any other Journal or Magazine till the decision is made by journal editors.
- If the paper is finally accepted by the journal for publication, I confirm that I will either publish the paper immediately or withdraw it according to withdrawal policies.
_1.png){kind=logo}
