Information Technology Risk Management Analysis Using ISO: 31000 at PT. XYZ

Keywords: information technology, risk management, ISO 31000

Abstract

XYZ is one of the branch offices of banking subsidiaries in Indonesia that focuses on providing leasing facilities, investment and working capital. As a company, PT. XYZ is inseparable in the use of information technology which gives rise to various possible risks that exist. Therefore, it is necessary to have an analysis of information technology risk management in PT. XYZ. Through this research, it is hoped that it can help PT. XYZ in identifying possible risks that occur to the company, as well as actions that must be taken in the face of such risks. The framework used in this study is the ISO 31000 framework. Based on the results of this study, 13 possible risks that have low risk levels (R01, R02, R03, R04, R05, R07, R08, R12, R13, R15, R16, R20 and R21 ), 6 possible risks that have medium risk levels (R06, R09, R10, R11, R14 and R18), as well as 2 possible risks that have high risk levels (R17 and R19). In addition, a risk treatment proposal was produced that can be used as a reference by PT. XYZ to minimize losses caused by these risks.

Downloads

Download data is not yet available.

References

D. L. Ramadhan, R. Febriansyah, and R. S. Dewi, “Analisis Manajemen Risiko Menggunakan ISO 31000 pada Smart Canteen SMA XYZ,” JURIKOM (Jurnal Riset Komputer), vol. 7, no. 1, pp. 91-96, Feb. 2020, doi: 10.30865/jurikom.v7i1.1791.

D. Prabowo and A. F. Wijaya, “Risk Management Analysis on KKM LKF FTI UKSW Website Using ISO 31000 Framework,” Journal of Information Systems and Informatics, vol. 4, no. 1, pp. 65, Mar. 2022, [Online]. Available: http://journal-isi.org/index.php/isi.

P. Kanantyo, and F. S. Papilaya, “Analisis Risiko Teknologi Informasi Menggunakan ISO 31000 (Learning Management System SMPN 6 Salatiga),” Jurnal Teknik Informatika dan Sistem Informasi, vol. 8, no. 4, pp. 1896-1908, Des . 2021. [Online]. Available: http://jurnal.mdp.ac.id.

H. Citra Christian and M. N. N. Sitokdana, “Analisis Risiko Teknologi Informasi pada BANK ABC Menggunakan Framework ISO 31000,” Jurnal Teknik Informatika dan Sistem Informasi, vol. 9, no.1, pp. 735-748, Mar. 2022. [Online]. Available: http://jurnal.mdp.ac.id.

ISO, Risk management — Guidelines, ISO 31000:2018. 2018.

K. B. Mahardika, A. F. Wijaya, and A. D. Cahyono, “MANAJEMEN RISIKO TEKNOLOGI INFORMASI MENGGUNAKAN ISO 31000 : 2018 (STUDI KASUS: CV. XY),” SEBATIK , vol.#, no.#, pp. 277-284, Jun. 2019.

Monica, D. Kurniawan, and R. Prabowo, “Analisis Manajemen Risiko Sistem Informasi Pengelolaan Data English Proficiency Test (EPT) dan Portal Informasi di UPT Bahasa Universitas Lampung Menggunakan Metode ISO 31000,” Jurnal Komputasi, vol. 8, no. 1, pp. 83-90, Apr. 2020.

S. D. Fitri, D. L. Setyowati, and K. Duma, “Implementasi Manajemen Risiko Berdasarkan ISO 31000:2009 pada Program Perawatan Mesin di Area Workshop PT. X,” Faletehan Health Journal, vol. 6, no. 1, pp. 16–24, Mar. 2019, [Online]. Available: www.journal.lppm-stikesfa.ac.id/ojs/index.php/FHJ.

S. Agustinus, A. Nugroho, and A. Dwika Cahyono, “Analisis Risiko Teknologi Informasi Menggunakan ISO 31000 pada Program HRMS,” Jurnal Resti, vol. 1, no. 3, pp. 250–238, Des. 2017, [Online]. Available: http://jurnal.iaii.or.id.

T. F. Rahardian and A. F. Wijaya, “Risk Analysis of Web-Based Information Systems on CV Mega Komputama Uses ISO 31000,” Journal of Information Systems and Informatics, vol. 4, no. 2, pp. 428-443 , Jun. 2022, [Online]. Available: http://journal-isi.org/index.php/isi.

A. Rahmawati, A. F. Wijaya, A. R. Fakultas, and T. Informasi, “ANALISIS RISIKO TEKNOLOGI INFORMASI MENGGUNAKAN ISO 31000 PADA APLIKASI ITOP Penulis Korespondensi.” Jurnal SITECH, vol. 2, no. 1, pp. 13-20, Jun. 2019, [Online]. Available: http://www.jurnal.umk.ac.id/sitech.

G. W. Lantang, A. D. Cahyono, and M. N. N. Sitokdana, “ANALISIS RISIKO TEKNOLOGI INFORMASI PADA APLIKASI SAP DI PT SERASI AUTORAYA MENGGUNAKAN ISO 31000,” SEBATIK, vol.#, no.#, pp. 36-42, Jun. 2019.

R. P. Pangestu and A. F. Wijaya, “Analisis Manajemen Risiko Aplikasi SINTESA Pada Perpustakaan XYZ,” Jurnal Bina Komputer, vol. 2, no. 2, pp. 1-14, Jun. 2020.

N. V. Richardo and M. N. N. Sitokdana, “Analisis Risiko Teknologi Informasi Pada Perusahaan Toko Surabaya Cabang Surakarta,” Journal of Information Systems and Informatics, vol. 3, no. 1, pp. 13-30, Mar. 2021, [Online]. Available: http://journal-isi.org/index.php/isi.

M. Miftakhatun, “Analisis Manajemen Risiko Teknologi Informasi pada Website Ecofo Menggunakan ISO 31000,” Journal of Computer Science and Engineering (JCSE), vol. 1, no. 2, pp. 128–146, Aug. 2020, doi: 10.36596/jcse.v1i2.76.

Published
2022-09-01
Abstract views: 413 times
Download PDF: 87 times
How to Cite
Putri, V., & Wijaya, A. (2022). Information Technology Risk Management Analysis Using ISO: 31000 at PT. XYZ. Journal of Information Systems and Informatics, 4(3), 574-588. https://doi.org/10.51519/journalisi.v4i3.288