Risk Management Based IT Analysis Using ISO 31000 (Case Study: PT Bawen Mediatama)
Abstract
This study examines the risks of implementing information technology (IT) at PT Bawen Mediatama, a company that has experienced damage to financial institution files due to their IT use. The study uses the ISO 31000 framework to analyze the risks faced by PT Bawen Mediatama, with a focus on identifying the risks and providing recommendations for appropriate risk treatment. The research method is qualitative, and the results indicate that PT Bawen Mediatama faces 20 possible risks, including limited, severe, very severe, and catastrophic level risks. Although the company has implemented risk management, the study concludes that it is not optimal.
Downloads
References
M. Iso, F. G. Punusingon, M. N. N. Sitokdana, and J. O. Notohamidjojo, 2022, “Analisis Manajemen Risiko Aplikasi SIMFONI Pada Dinas PPA Di Kab. Minahasa Tenggara,” vol. 4, no. 2, pp. 25–36.
G. W. Lantang, A. D. Cahyono, and N. Ngalumsine, 2019, “Analisis Risiko Teknologi Informasi pada Aplikasi SAP di PT Serasi Autoraya Menggunakan ISO 31000”, Sebatik 2621-069X, Vol. 23 No. 1, pp. 36–43.
U. R. de Oliveira, F. A. S. Marins, H. M. Rocha, and V. A. P. Salomon, 2017, “The ISO 31000 standard in supply chain risk management,” J. Clean. Prod., vol. 151, pp. 616–633.
B. Purwanggono and A. Margarette, 2019, “Risk assessment of underpass infrastructure project based on IS0 31000 and ISO 21500 using fishbone diagram and RFMEA (project risk failure mode and effects analysis) method,” IOP Conf. Ser. Mater. Sci. Eng., vol. 277, no. 1, p. 012039.
F. Shirvani, W. Scott, G. A. L. Kennedy, and A. P. Campbell, 2019, “Enhancement of FMEA risk assessment with SysML,” Aust. J. Multi-Disciplinary Eng., vol. 15, no. 1, pp. 52–61.
T. Ramdhany and R. A. Krisdiawan. 2018, “Analisis Risiko Sistem Informasi Penjualan Berbasis Iso 31000 - Risk Management di PT. Remaja Rosdakarya”, Teknol. dan Manaj. Inform., Vol. 3, No. 1, pp. 1–7,
M. Miftakhatun., 2020, “Analisis Manajemen Risiko Teknologi Informasi pada Website Ecofo Menggunakan ISO 31000”, Journal of Computer Science and Engineering (JCSE), 1(2), 128–146. https://doi.org/10.36596/jcse.v1i2.76.
A. Rahmawati, & Wijaya, A. F., 2019, “Analisis Risiko Teknologi Informasi Menggunakan ISO 31000 Pada Aplikasi ITOP”, Jurnal SITECH : Sistem Informasi Dan Teknologi, 2(1), 13–20. https://doi.org/10.24176/sitech.v2i1.3122.
M. I. Fachrezi, A. D. Cahyono, and P. F. Tanaem, 2021, “Manajemen Risiko Keamanan Aset Teknologi Informasi Menggunakan ISO 31000 : 2018 Diskominfo Kota Salatiga,” vol. 8, no. 2, pp. 764–773.
S. D. Fitri, D. L. Setyowati, and K. Duma. 2019, “Implementasi Manajemen Risiko Berdasarkan ISO 31000: 2009 pada Program Perawatan Mesin di Area Workshop PT . X”, Vol. 6, No. 1, pp. 16–24.
D. L. Ramadhan, R. Febriansyah, and R. S. Dewi, “Analisis Manajemen Risiko Menggunakan ISO 31000 pada Smart Canteen SMA XYZ,” JURIKOM (Jurnal Ris. Komputer), vol. 7, no. 1, p. 91, 2020, doi: 10.30865/jurikom.v7i1.1791.
Muryanti and K. D. Hartomo, 2021, “Analisis Risiko Teknologi Informasi Aplikasi CATTER PDAM Kota Salatiga Menggunakan ISO 31000,” JATISI (Jurnal Tek. Inform. dan Sist. Informasi), vol. 8, no. 3, pp. 1265–1277, doi: 10.35957/jatisi.v8i3.948.
S. Rass, S. König, and S. Schauer, 2017, “Defending against advanced persistent threats using game-theory,” PLoS One, vol. 12, no. 1, pp. 1–45, doi: 10.1371/journal.pone.0168675.
P. S. Ilham Rinaldi, Syarifa Hanoum, 2021, “Identifikasi Tingkat Kematangan Risiko,” vol. 10, no. 1.
I. P. A. E. Pratama and M. T. S. Pratika, 2020, “Manajemen Risiko Teknologi Informasi Terkait Manipulasi dan Peretasan Sistem pada Bank XYZ Tahun 2020 Menggunakan ISO 31000:2018,” J. Telemat., vol. 15, no. 2, pp. 63–70.


Copyright (c) 2023 Journal of Information Systems and Informatics

This work is licensed under a Creative Commons Attribution 4.0 International License.
- I certify that I have read, understand and agreed to the Journal of Information Systems and Informatics (Journal-ISI) submission guidelines, policies and submission declaration. Submission already using the provided template.
- I certify that all authors have approved the publication of this and there is no conflict of interest.
- I confirm that the manuscript is the authors' original work and the manuscript has not received prior publication and is not under consideration for publication elsewhere and has not been previously published.
- I confirm that all authors listed on the title page have contributed significantly to the work, have read the manuscript, attest to the validity and legitimacy of the data and its interpretation, and agree to its submission.
- I confirm that the paper now submitted is not copied or plagiarized version of some other published work.
- I declare that I shall not submit the paper for publication in any other Journal or Magazine till the decision is made by journal editors.
- If the paper is finally accepted by the journal for publication, I confirm that I will either publish the paper immediately or withdraw it according to withdrawal policies
- I Agree that the paper published by this journal, I transfer copyright or assign exclusive rights to the publisher (including commercial rights)