Risk Management Based IT Analysis Using ISO 31000 (Case Study: PT Bawen Mediatama)

Authors

  • Evinia Evinia Satya Wacana Christian University, Indonesia
  • Melkior N. N. Sitokdana Satya Wacana Christian University, Indonesia
Pages Icon

DOI:

https://doi.org/10.51519/journalisi.v5i1.420

Keywords:

Risk, ISO 31000, IT Risk Management, Company, Business Process.

Abstract

This study examines the risks of implementing information technology (IT) at PT Bawen Mediatama, a company that has experienced damage to financial institution files due to their IT use. The study uses the ISO 31000 framework to analyze the risks faced by PT Bawen Mediatama, with a focus on identifying the risks and providing recommendations for appropriate risk treatment. The research method is qualitative, and the results indicate that PT Bawen Mediatama faces 20 possible risks, including limited, severe, very severe, and catastrophic level risks. Although the company has implemented risk management, the study concludes that it is not optimal.

Downloads

Download data is not yet available.

References

M. Iso, F. G. Punusingon, M. N. N. Sitokdana, and J. O. Notohamidjojo, 2022, “Analisis Manajemen Risiko Aplikasi SIMFONI Pada Dinas PPA Di Kab. Minahasa Tenggara,” vol. 4, no. 2, pp. 25–36.

G. W. Lantang, A. D. Cahyono, and N. Ngalumsine, 2019, “Analisis Risiko Teknologi Informasi pada Aplikasi SAP di PT Serasi Autoraya Menggunakan ISO 31000”, Sebatik 2621-069X, Vol. 23 No. 1, pp. 36–43.

U. R. de Oliveira, F. A. S. Marins, H. M. Rocha, and V. A. P. Salomon, 2017, “The ISO 31000 standard in supply chain risk management,” J. Clean. Prod., vol. 151, pp. 616–633.

B. Purwanggono and A. Margarette, 2019, “Risk assessment of underpass infrastructure project based on IS0 31000 and ISO 21500 using fishbone diagram and RFMEA (project risk failure mode and effects analysis) method,” IOP Conf. Ser. Mater. Sci. Eng., vol. 277, no. 1, p. 012039.

F. Shirvani, W. Scott, G. A. L. Kennedy, and A. P. Campbell, 2019, “Enhancement of FMEA risk assessment with SysML,” Aust. J. Multi-Disciplinary Eng., vol. 15, no. 1, pp. 52–61.

T. Ramdhany and R. A. Krisdiawan. 2018, “Analisis Risiko Sistem Informasi Penjualan Berbasis Iso 31000 - Risk Management di PT. Remaja Rosdakarya”, Teknol. dan Manaj. Inform., Vol. 3, No. 1, pp. 1–7,

M. Miftakhatun., 2020, “Analisis Manajemen Risiko Teknologi Informasi pada Website Ecofo Menggunakan ISO 31000”, Journal of Computer Science and Engineering (JCSE), 1(2), 128–146. https://doi.org/10.36596/jcse.v1i2.76.

A. Rahmawati, & Wijaya, A. F., 2019, “Analisis Risiko Teknologi Informasi Menggunakan ISO 31000 Pada Aplikasi ITOP”, Jurnal SITECH : Sistem Informasi Dan Teknologi, 2(1), 13–20. https://doi.org/10.24176/sitech.v2i1.3122.

M. I. Fachrezi, A. D. Cahyono, and P. F. Tanaem, 2021, “Manajemen Risiko Keamanan Aset Teknologi Informasi Menggunakan ISO 31000 : 2018 Diskominfo Kota Salatiga,” vol. 8, no. 2, pp. 764–773.

S. D. Fitri, D. L. Setyowati, and K. Duma. 2019, “Implementasi Manajemen Risiko Berdasarkan ISO 31000: 2009 pada Program Perawatan Mesin di Area Workshop PT . X”, Vol. 6, No. 1, pp. 16–24.

D. L. Ramadhan, R. Febriansyah, and R. S. Dewi, “Analisis Manajemen Risiko Menggunakan ISO 31000 pada Smart Canteen SMA XYZ,” JURIKOM (Jurnal Ris. Komputer), vol. 7, no. 1, p. 91, 2020, doi: 10.30865/jurikom.v7i1.1791.

Muryanti and K. D. Hartomo, 2021, “Analisis Risiko Teknologi Informasi Aplikasi CATTER PDAM Kota Salatiga Menggunakan ISO 31000,” JATISI (Jurnal Tek. Inform. dan Sist. Informasi), vol. 8, no. 3, pp. 1265–1277, doi: 10.35957/jatisi.v8i3.948.

S. Rass, S. König, and S. Schauer, 2017, “Defending against advanced persistent threats using game-theory,” PLoS One, vol. 12, no. 1, pp. 1–45, doi: 10.1371/journal.pone.0168675.

P. S. Ilham Rinaldi, Syarifa Hanoum, 2021, “Identifikasi Tingkat Kematangan Risiko,” vol. 10, no. 1.

I. P. A. E. Pratama and M. T. S. Pratika, 2020, “Manajemen Risiko Teknologi Informasi Terkait Manipulasi dan Peretasan Sistem pada Bank XYZ Tahun 2020 Menggunakan ISO 31000:2018,” J. Telemat., vol. 15, no. 2, pp. 63–70.

Downloads

Published

2023-03-09

Issue

Vol. 5 No. 1 (2023): Journal of Information Systems and Informatics

Section

Articles

License

Authors Declaration

  1. The Authors certify that they have read, understood, and agreed to the Journal of Information Systems and Informatics (JournalISI) submission guidelines, policies, and submission declaration. The submission has been prepared using the provided template.
  2. The Authors certify that all authors have approved the publication of this manuscript and that there is no conflict of interest.
  3. The Authors confirm that the manuscript is their original work, has not received prior publication, is not under consideration for publication elsewhere, and has not been previously published.
  4. The Authors confirm that all authors listed on the title page have contributed significantly to the work, have read the manuscript, attest to the validity and legitimacy of the data and its interpretation, and agree to its submission.
  5. The Authors confirm that the manuscript is not copied from or plagiarized from any other published work.
  6. The Authors declare that the manuscript will not be submitted for publication in any other journal or magazine until a decision is made by the journal editors.
  7. If the manuscript is finally accepted for publication, the Authors confirm that they will either proceed with publication immediately or withdraw the manuscript in accordance with the journal’s withdrawal policies.
  8. The Authors agree that, upon publication of the manuscript in this journal, they transfer copyright or assign exclusive rights to the publisher, including commercial rights

How to Cite

[1]
E. Evinia and M. N. N. Sitokdana, “Risk Management Based IT Analysis Using ISO 31000 (Case Study: PT Bawen Mediatama)”, journalisi, vol. 5, no. 1, pp. 380–390, Mar. 2023, doi: 10.51519/journalisi.v5i1.420.

Most read articles by the same author(s)