Information Technology Risk Control of University in a Work from Home Situations

Authors

  • Iqbal Santosa Universitas Telkom, Indonesia
  • Rahmat Mulyana Stockholm University, Sweden
Pages Icon

DOI:

https://doi.org/10.51519/journalisi.v4i4.393

Keywords:

Information Technology, Risk Management, Work from Home

Abstract

The University is one of the educational institutions affected by the COVID-19 pandemic. Most of its activities, which are academic management, human resource management, information technology services, and so on were changed into WFH (Work from Home) supported by information technology. Utilization of information technology in supporting WFH can create various risks and needs to be controlled either preventive, detective, or corrective to minimize the impact. This research will focus on planning for university information technology risk control in working from home conditions by referring to the ISO 31000:2018 standard for risk management processes, COBIT 5 Generic Risk Scenario for defining risk scenarios, and DoD Instruction 8500.2 and NIST SP 800-53 in the identification of risk controls. The resulting solution is in the form of a risk treatment plan. This solution is expected to assist universities in identifying risks related to information technology and planning controls related to the implementation of work-from-home in their environment.

Downloads

Download data is not yet available.

References

ISO 31000:2018 Risk management — Guidelines, ISO, 2018.

ISO 13485:2016 Medical devices — Quality management systems — Requirements for regulatory purposes, ISO, 2016.

M. Shepherd. "Surprising Working From Home Statistics." https://www.fundera.com/resources/working-from-home-statistics (accessed 28 September, 2022).

R. W. Tuti, "Analisis implementasi kebijakan work from home pada kesejahteraan pengemudi transportasi online di Indonesia," Jurnal Ilmiah Ilmu Administrasi, vol. 3, pp. 73-85, 2020.

U. T. A. Ahidin, Aris; Imbron; Khoiriah, Neneng, COVID-19 dan Work from Home. Desanta Muliavisitama, 2020.

T. University. "Tel-U Kembali Jalani Audit Internal Secara Online." https://telkomuniversity.ac.id/tel-u-kembali-jalani-audit-internal-secara-online (accessed 9 November, 2022).

ISACA, COBIT 5 for Risk (ISACA). 2013.

NIST Special Publication 800-53, Revision 5 — Security and Privacy Controls for Information Systems and Organizations, NIST, 2020.

Department of Defense Instruction 8500.2 Information Assurance (IA) Implementation, D. o. D. U. S. o. America, 2003.

Y. Erlika, M. I. Herdiansyah, and A. H. Mirza, "Analisis IT Risk Management di Universitas Bina Darma Menggunakan ISO31000," Jurnal Informatika Global, vol. 11, no. 1, 2020.

H. Hardani et al., Metode Penelitian Kualitatif & Kuantitatif. Yogyakarta: CV. Pustaka Ilmu Group, 2020.

T. University. "Laporan Daftar Risiko Universitas Telkom Periode Ganjil 2019-2020." https://audit.telkomuniversity.ac.id/risiko/ (accessed 28 September, 2022).

Downloads

Published

2022-11-26

Issue

Vol. 4 No. 4 (2022): Journal of Information Systems and Informatics

Section

Articles

License

Authors Declaration

  1. The Authors certify that they have read, understood, and agreed to the Journal of Information Systems and Informatics (JournalISI) submission guidelines, policies, and submission declaration. The submission has been prepared using the provided template.
  2. The Authors certify that all authors have approved the publication of this manuscript and that there is no conflict of interest.
  3. The Authors confirm that the manuscript is their original work, has not received prior publication, is not under consideration for publication elsewhere, and has not been previously published.
  4. The Authors confirm that all authors listed on the title page have contributed significantly to the work, have read the manuscript, attest to the validity and legitimacy of the data and its interpretation, and agree to its submission.
  5. The Authors confirm that the manuscript is not copied from or plagiarized from any other published work.
  6. The Authors declare that the manuscript will not be submitted for publication in any other journal or magazine until a decision is made by the journal editors.
  7. If the manuscript is finally accepted for publication, the Authors confirm that they will either proceed with publication immediately or withdraw the manuscript in accordance with the journal’s withdrawal policies.
  8. The Authors agree that, upon publication of the manuscript in this journal, they transfer copyright or assign exclusive rights to the publisher, including commercial rights

How to Cite

[1]
I. Santosa and R. Mulyana, “Information Technology Risk Control of University in a Work from Home Situations”, journalisi, vol. 4, no. 4, pp. 1008–1018, Nov. 2022, doi: 10.51519/journalisi.v4i4.393.