Information Technology Risk Management Analysis Using ISO: 31000 at PT. XYZ
Abstract
XYZ is one of the branch offices of banking subsidiaries in Indonesia that focuses on providing leasing facilities, investment and working capital. As a company, PT. XYZ is inseparable in the use of information technology which gives rise to various possible risks that exist. Therefore, it is necessary to have an analysis of information technology risk management in PT. XYZ. Through this research, it is hoped that it can help PT. XYZ in identifying possible risks that occur to the company, as well as actions that must be taken in the face of such risks. The framework used in this study is the ISO 31000 framework. Based on the results of this study, 13 possible risks that have low risk levels (R01, R02, R03, R04, R05, R07, R08, R12, R13, R15, R16, R20 and R21 ), 6 possible risks that have medium risk levels (R06, R09, R10, R11, R14 and R18), as well as 2 possible risks that have high risk levels (R17 and R19). In addition, a risk treatment proposal was produced that can be used as a reference by PT. XYZ to minimize losses caused by these risks.
Downloads
References
D. L. Ramadhan, R. Febriansyah, and R. S. Dewi, “Analisis Manajemen Risiko Menggunakan ISO 31000 pada Smart Canteen SMA XYZ,” JURIKOM (Jurnal Riset Komputer), vol. 7, no. 1, pp. 91-96, Feb. 2020, doi: 10.30865/jurikom.v7i1.1791.
D. Prabowo and A. F. Wijaya, “Risk Management Analysis on KKM LKF FTI UKSW Website Using ISO 31000 Framework,” Journal of Information Systems and Informatics, vol. 4, no. 1, pp. 65, Mar. 2022, [Online]. Available: http://journal-isi.org/index.php/isi.
P. Kanantyo, and F. S. Papilaya, “Analisis Risiko Teknologi Informasi Menggunakan ISO 31000 (Learning Management System SMPN 6 Salatiga),” Jurnal Teknik Informatika dan Sistem Informasi, vol. 8, no. 4, pp. 1896-1908, Des . 2021. [Online]. Available: http://jurnal.mdp.ac.id.
H. Citra Christian and M. N. N. Sitokdana, “Analisis Risiko Teknologi Informasi pada BANK ABC Menggunakan Framework ISO 31000,” Jurnal Teknik Informatika dan Sistem Informasi, vol. 9, no.1, pp. 735-748, Mar. 2022. [Online]. Available: http://jurnal.mdp.ac.id.
ISO, Risk management — Guidelines, ISO 31000:2018. 2018.
K. B. Mahardika, A. F. Wijaya, and A. D. Cahyono, “MANAJEMEN RISIKO TEKNOLOGI INFORMASI MENGGUNAKAN ISO 31000 : 2018 (STUDI KASUS: CV. XY),” SEBATIK , vol.#, no.#, pp. 277-284, Jun. 2019.
Monica, D. Kurniawan, and R. Prabowo, “Analisis Manajemen Risiko Sistem Informasi Pengelolaan Data English Proficiency Test (EPT) dan Portal Informasi di UPT Bahasa Universitas Lampung Menggunakan Metode ISO 31000,” Jurnal Komputasi, vol. 8, no. 1, pp. 83-90, Apr. 2020.
S. D. Fitri, D. L. Setyowati, and K. Duma, “Implementasi Manajemen Risiko Berdasarkan ISO 31000:2009 pada Program Perawatan Mesin di Area Workshop PT. X,” Faletehan Health Journal, vol. 6, no. 1, pp. 16–24, Mar. 2019, [Online]. Available: www.journal.lppm-stikesfa.ac.id/ojs/index.php/FHJ.
S. Agustinus, A. Nugroho, and A. Dwika Cahyono, “Analisis Risiko Teknologi Informasi Menggunakan ISO 31000 pada Program HRMS,” Jurnal Resti, vol. 1, no. 3, pp. 250–238, Des. 2017, [Online]. Available: http://jurnal.iaii.or.id.
T. F. Rahardian and A. F. Wijaya, “Risk Analysis of Web-Based Information Systems on CV Mega Komputama Uses ISO 31000,” Journal of Information Systems and Informatics, vol. 4, no. 2, pp. 428-443 , Jun. 2022, [Online]. Available: http://journal-isi.org/index.php/isi.
A. Rahmawati, A. F. Wijaya, A. R. Fakultas, and T. Informasi, “ANALISIS RISIKO TEKNOLOGI INFORMASI MENGGUNAKAN ISO 31000 PADA APLIKASI ITOP Penulis Korespondensi.” Jurnal SITECH, vol. 2, no. 1, pp. 13-20, Jun. 2019, [Online]. Available: http://www.jurnal.umk.ac.id/sitech.
G. W. Lantang, A. D. Cahyono, and M. N. N. Sitokdana, “ANALISIS RISIKO TEKNOLOGI INFORMASI PADA APLIKASI SAP DI PT SERASI AUTORAYA MENGGUNAKAN ISO 31000,” SEBATIK, vol.#, no.#, pp. 36-42, Jun. 2019.
R. P. Pangestu and A. F. Wijaya, “Analisis Manajemen Risiko Aplikasi SINTESA Pada Perpustakaan XYZ,” Jurnal Bina Komputer, vol. 2, no. 2, pp. 1-14, Jun. 2020.
N. V. Richardo and M. N. N. Sitokdana, “Analisis Risiko Teknologi Informasi Pada Perusahaan Toko Surabaya Cabang Surakarta,” Journal of Information Systems and Informatics, vol. 3, no. 1, pp. 13-30, Mar. 2021, [Online]. Available: http://journal-isi.org/index.php/isi.
M. Miftakhatun, “Analisis Manajemen Risiko Teknologi Informasi pada Website Ecofo Menggunakan ISO 31000,” Journal of Computer Science and Engineering (JCSE), vol. 1, no. 2, pp. 128–146, Aug. 2020, doi: 10.36596/jcse.v1i2.76.
Abstract views: 1640 times
Download PDF: 667 times
- I certify that I have read, understand and agreed to the Journal of Information Systems and Informatics (Journal-ISI) submission guidelines, policies and submission declaration. Submission already using the provided template.
- I certify that all authors have approved the publication of this and there is no conflict of interest.
- I confirm that the manuscript is the authors' original work and the manuscript has not received prior publication and is not under consideration for publication elsewhere and has not been previously published.
- I confirm that all authors listed on the title page have contributed significantly to the work, have read the manuscript, attest to the validity and legitimacy of the data and its interpretation, and agree to its submission.
- I confirm that the paper now submitted is not copied or plagiarized version of some other published work.
- I declare that I shall not submit the paper for publication in any other Journal or Magazine till the decision is made by journal editors.
- If the paper is finally accepted by the journal for publication, I confirm that I will either publish the paper immediately or withdraw it according to withdrawal policies
- I Agree that the paper published by this journal, I transfer copyright or assign exclusive rights to the publisher (including commercial rights)
_1.png){kind=logo}
