Risk Analysis of Business Continuity Plan in Light Steel Company Using ISO 31000 Framework

Keywords: Risk Management, BCP, ISO 31000, Company

Abstract

Light Steel Company is an industry engaged in manufacturing, has adopted technology and has a data center. The purpose of this study is to provide a guide and strategy for preventing risks and actions to minimize and overcome risks that can be used and implemented, so that the company's business processes can continue to run sustainably. This study uses Business Continuity Plan (BCP) using ISO 31000. Data collection is used by an interviewing employee who works at this organization. The analysis shows there are 15 possible risks that will hinder the operation of Light Steel companies based on the risk level high, medium, and low categories. High risk level is 26.7%, there are 4 possible risks, namely R05 (Loss of spare parts), R06 (Unscheduled maintenance and care for trucks and equipment spare parts), R10 (Server down) and R012 (Network connection problems). Medium risk level is 26.7%, there are 4 possible risks, namely R02 (flood), R07 (Cybercrime), R08 (Hacking), and R011 (Sudden power outage). Finally for low risk level is 46.6%, there are 7 possible risks, namely R01 (Earthquake), R03 (Dust), R04 (Fire), R09 (Abuse of access rights), R13 (Overheat), R14 (Data Corrupt), and R15 (Virus Attack, Malware).

Downloads

Download data is not yet available.

Author Biography

Yunianto Purnomo, Universitas Bunda Mulia

Dosen SI

References

Y. Gao and D. Xu, “Exploration of Dance Teaching Mode Based on the Information Technology Era,” Front. Art Res., vol. 3, no. 3, pp. 32–35, 2021, doi: 10.25236/far.2021.030307.

M. El Khatib, “BIM As a Tool To Optimize And Manage Project Risk Management,” Int. J. Mech. Eng., vol. 7, no. 1, pp. 6307–6323, 2022.

J. J. Kassema, “Information Technology (IT) Contingency Plan as part of the Business Continuity Plan: Case of IT Services Delivery Industry,” SSRN Electron. J., 2019, doi: 10.2139/ssrn.3496143.

S. Fani and A. Subiadi, “Trend of Business Continuity Plan: A Systematic Literature Review,” ICBLP, no. 2019, 2020, doi: 10.4108/eai.13-2-2019.2286164.

J. A. R. C. Jayalath and S. C. Premaratne, “Analysis of Key Digital Technology Infrastructure and Cyber Security Consideration Factors for Fintech Companies,” Int. J. Res. Publ., vol. 84, no. 1, pp. 128. – 135, 2021, doi: 10.47119/ijrp100841920212246.

S. V. Fani and A. P. Subriadi, “Business Continuity pPan: Examining of Multi-Usable Framework,” Procedia Comput. Sci., vol. 161, pp. 275–282, 2019, doi: 10.1016/j.procs.2019.11.124.

I. Mas’ud and R. Salsabila, “Perancangan Business Continuity Plan Pada PT. XYZ,” J. Sist. Inf. dan Sains Teknol., vol. 3, no. 1, pp. 1–14, 2021, doi: 10.31326/sistek.v3i1.803.

M. R. Purnama, M. B. Adityawan, K. S. Pribadi, M. Farid, Widyaningtias, and A. A. Kuntoro, “Tsunami Risk Assessment in Business Continuity Planning for Palu Special Economic Zone,” IOP Conf. Ser. Earth Environ. Sci., vol. 1065, no. 1, 2022, doi: 10.1088/1755-1315/1065/1/012053.

I. Setiawan, R. Waluyo, and W. A. Pambudi, “Perancangan Business Continuity Plan dan Disaster Recovery Plan Teknologi dan Sistem Informasi Menggunakan ISO 22301,” J. RESTI (Rekayasa Sist. dan Teknol. Informasi), vol. 3, no. 2, pp. 148–155, 2019, doi: 10.29207/resti.v3i2.911.

B. Prieto, “Enterprise Risk Management in the Engineering and Construction,” PM World J., vol. XI, no. V, pp. 2330–4480, 2022.

E. C. Ali and N. C. Ali, “Business Continuity Plan of the Micro and Small Enterprises in Cotabato City during the COVID-19 Pandemic and Its Effect to Business Performance,” Eur. J. Bus. Manag. Res., vol. 8, no. 3, pp. 124–127, 2023, doi: 10.24018/ejbmr.2023.8.3.1916.

A. Berrichi and Z. Azarkan, “Business Continuity Plan facing COVID-19 : From necessity to Alterities Business Continuity Plan facing COVID-19 :,” HAL oepn Sci., vol. 2, no. 4, pp. 597–617, 2021, doi: 10.5281/zenodo.5149419.

F. T. Kurniati and R. R. Huizen, “Sosialisasi Strategi Business Continuity Plan Memasuki Era Baru (New Normal),” War. LPM, vol. 24, no. 4, pp. 788–798, 2021.

T. F. Rahardian and A. F. Wijaya, “Risk Analysis of Web-Based Information Systems on CV Mega Komputama Uses ISO 31000,” J. Inf. Syst. Informatics, vol. 4, no. 2, p. 442, 2022.

E. Evinia and M. N. N. Sitokdana, “Risk Management Based IT Analysis Using ISO 31000 (Case Study: PT Bawen Mediatama),” J. Inf. Syst. Informatics, vol. 5, no. 1, pp. 380–390, 2023, doi: 10.51519/journalisi.v5i1.420.

F. A. Alijoyo, “The use ISO 31000:2018 in Indonesian Fintech Lending Companies: What Can We Learn?,” J. Bus. Manag. Stud., vol. 4, no. 1, pp. 16–22, 2022, doi: 10.32996/jbms.2022.4.1.3.

J. F. Andry, N. Karepowan, and H. Tannady, “Disaster Recovery Planning for It/Is of Hospitality Industry Using Nist Sp 800-34 Rev.1 Method,” J. Theor. Appl. Inf. Technol., vol. 102, no. 8, pp. 3562–3569, 2024.

D. Y. Bernanda, Y. Charolina, O. Azhari, C. Pangrestu, and J. F. Andry, “Identification of Potential and Planning for Disaster Recovery Using the Iso/Iec 24762 Standard At Xyz University,” J. Teknoinfo, vol. 17, no. 1, p. 140, 2023, doi: 10.33365/jti.v17i1.2295.

J. F. Andry, H. Tannady, G. D. Rembulan, Gerry, and Honni, “Disaster Recovery Design at Higher Education Institutional Using ISO 27021 Method.pdf,” Soc. Sci. J., vol. 12, no. 5, pp. 1211–1217, 2022.

J. F. Andry, L. Liliana, H. Tannady, and A. S. Arief, “Data Centre Risk Analysis Using ISO 31000:2009 Framework,” J. Phys. Conf. Ser., vol. 2394, no. 1, 2022, doi: 10.1088/1742-6596/2394/1/012032.

Published
2024-12-31
Abstract views: 135 times
Download PDF: 99 times
How to Cite
Andry, J., Christianto, K., Purnomo, Y., & Lee, F. (2024). Risk Analysis of Business Continuity Plan in Light Steel Company Using ISO 31000 Framework. Journal of Information Systems and Informatics, 6(4), 3104-3114. https://doi.org/10.51519/journalisi.v6i4.955
Section
Articles

Most read articles by the same author(s)