Risk Management Based IT Analysis Using ISO 31000 (Case Study: PT Bawen Mediatama)

  • Evinia Evinia Universitas Kristen Satya Wacana, Indonesia
  • Melkior N. N. Sitokdana Universitas Kristen Satya Wacana, Indonesia
Keywords: Risk, ISO 31000, IT Risk Management, Company, Business Process.


This study examines the risks of implementing information technology (IT) at PT Bawen Mediatama, a company that has experienced damage to financial institution files due to their IT use. The study uses the ISO 31000 framework to analyze the risks faced by PT Bawen Mediatama, with a focus on identifying the risks and providing recommendations for appropriate risk treatment. The research method is qualitative, and the results indicate that PT Bawen Mediatama faces 20 possible risks, including limited, severe, very severe, and catastrophic level risks. Although the company has implemented risk management, the study concludes that it is not optimal.


Download data is not yet available.


M. Iso, F. G. Punusingon, M. N. N. Sitokdana, and J. O. Notohamidjojo, 2022, “Analisis Manajemen Risiko Aplikasi SIMFONI Pada Dinas PPA Di Kab. Minahasa Tenggara,” vol. 4, no. 2, pp. 25–36.

G. W. Lantang, A. D. Cahyono, and N. Ngalumsine, 2019, “Analisis Risiko Teknologi Informasi pada Aplikasi SAP di PT Serasi Autoraya Menggunakan ISO 31000”, Sebatik 2621-069X, Vol. 23 No. 1, pp. 36–43.

U. R. de Oliveira, F. A. S. Marins, H. M. Rocha, and V. A. P. Salomon, 2017, “The ISO 31000 standard in supply chain risk management,” J. Clean. Prod., vol. 151, pp. 616–633.

B. Purwanggono and A. Margarette, 2019, “Risk assessment of underpass infrastructure project based on IS0 31000 and ISO 21500 using fishbone diagram and RFMEA (project risk failure mode and effects analysis) method,” IOP Conf. Ser. Mater. Sci. Eng., vol. 277, no. 1, p. 012039.

F. Shirvani, W. Scott, G. A. L. Kennedy, and A. P. Campbell, 2019, “Enhancement of FMEA risk assessment with SysML,” Aust. J. Multi-Disciplinary Eng., vol. 15, no. 1, pp. 52–61.

T. Ramdhany and R. A. Krisdiawan. 2018, “Analisis Risiko Sistem Informasi Penjualan Berbasis Iso 31000 - Risk Management di PT. Remaja Rosdakarya”, Teknol. dan Manaj. Inform., Vol. 3, No. 1, pp. 1–7,

M. Miftakhatun., 2020, “Analisis Manajemen Risiko Teknologi Informasi pada Website Ecofo Menggunakan ISO 31000”, Journal of Computer Science and Engineering (JCSE), 1(2), 128–146. https://doi.org/10.36596/jcse.v1i2.76.

A. Rahmawati, & Wijaya, A. F., 2019, “Analisis Risiko Teknologi Informasi Menggunakan ISO 31000 Pada Aplikasi ITOP”, Jurnal SITECH : Sistem Informasi Dan Teknologi, 2(1), 13–20. https://doi.org/10.24176/sitech.v2i1.3122.

M. I. Fachrezi, A. D. Cahyono, and P. F. Tanaem, 2021, “Manajemen Risiko Keamanan Aset Teknologi Informasi Menggunakan ISO 31000 : 2018 Diskominfo Kota Salatiga,” vol. 8, no. 2, pp. 764–773.

S. D. Fitri, D. L. Setyowati, and K. Duma. 2019, “Implementasi Manajemen Risiko Berdasarkan ISO 31000: 2009 pada Program Perawatan Mesin di Area Workshop PT . X”, Vol. 6, No. 1, pp. 16–24.

D. L. Ramadhan, R. Febriansyah, and R. S. Dewi, “Analisis Manajemen Risiko Menggunakan ISO 31000 pada Smart Canteen SMA XYZ,” JURIKOM (Jurnal Ris. Komputer), vol. 7, no. 1, p. 91, 2020, doi: 10.30865/jurikom.v7i1.1791.

Muryanti and K. D. Hartomo, 2021, “Analisis Risiko Teknologi Informasi Aplikasi CATTER PDAM Kota Salatiga Menggunakan ISO 31000,” JATISI (Jurnal Tek. Inform. dan Sist. Informasi), vol. 8, no. 3, pp. 1265–1277, doi: 10.35957/jatisi.v8i3.948.

S. Rass, S. König, and S. Schauer, 2017, “Defending against advanced persistent threats using game-theory,” PLoS One, vol. 12, no. 1, pp. 1–45, doi: 10.1371/journal.pone.0168675.

P. S. Ilham Rinaldi, Syarifa Hanoum, 2021, “Identifikasi Tingkat Kematangan Risiko,” vol. 10, no. 1.

I. P. A. E. Pratama and M. T. S. Pratika, 2020, “Manajemen Risiko Teknologi Informasi Terkait Manipulasi dan Peretasan Sistem pada Bank XYZ Tahun 2020 Menggunakan ISO 31000:2018,” J. Telemat., vol. 15, no. 2, pp. 63–70.

Abstract views: 127 times
Download PDF: 76 times
How to Cite
Evinia, E., & Sitokdana, M. (2023). Risk Management Based IT Analysis Using ISO 31000 (Case Study: PT Bawen Mediatama). Journal of Information Systems and Informatics, 5(1), 380-390. https://doi.org/10.51519/journalisi.v5i1.420