Analisis Manajemen Risiko Teknologi Informasi Menggunakan Framework ISO 31000:2018


Authors

  • Devara Liko Ivander Universitas Kristen Satya Wacana, Salatiga, Indonesia
  • Frederik Samuel Papilaya , Universitas Kristen Satya Wacana, Salatiga, Indonesia

DOI:

https://doi.org/10.30865/klik.v4i2.1174

Keywords:

Risk Analysis; Risk Management; ISO 31000:2018; Information Technology; Bawen

Abstract

Information Technology is an innovation encompassing artifacts, techniques, and knowledge that can solve human problems. However, its utilization must be accompanied by a thorough understanding to prevent various risks that could adversely affect multiple parties. PT XYZ Bawen Branch is a manufacturing company specializing in cardboard box and cardboard sheet packaging, established since 1995 and situated in the Bawen Subdistrict, Semarang Regency, Central Java. PT XYZ has incorporated IT/IS in its business processes, where IT/IS can enhance operational efficiency. Nonetheless, it's important to note that the implementation of IT/IS doesn't always proceed seamlessly and inherently carries its own shortcomings. Hence, this study aims to identify, assess, and mitigate the existing risks within PT XYZ using the ISO 31000:2018 framework. From this research, 26 potential risks were identified within the company. Out of these, there are 15 risks classified as low-risk, 5 as medium-risk, 5 as medium-high-risk, and 1 as high-risk. Among the discovered risks, the researchers offer suggestions or recommendations for risk management, enabling the company to minimize the identified risks and reap the benefits of this research, aligning with the research objectives. Companies need to carefully assess and address risks associated with technology adoption to ensure the smooth functioning of their business processes and to safeguard against any adverse outcomes

Downloads

Download data is not yet available.

References

Daryanto Setiawan, “Dampak Perkembangan Teknologi Informasi dan Komunikasi Terhadap Budaya Impact of Information Technology Development and Communication on,” J. Pendidik., vol. X, no. 2, pp. 195–211, 2017.

C. A. Cholik, “Perkembangan Teknologi Informasi Komunikasi / ICT dalam Berbagai Bidang,” J. Fak. Tek. UNISA Kuningan, vol. 2, no. 2, pp. 39–46, 2021.

S. M. T. Situmeang, “PENYALAHGUNAAN DATA PRIBADI SEBAGAI BENTUK KEJAHATAN SEMPURNA DALAM PERSPEKTIF HUKUM SIBER,” SASI, vol. 27, no. 1, p. 38, Mar. 2021, doi: 10.47268/sasi.v27i1.394.

I. P. A. E. Pratama and M. T. S. Pratika, “Manajemen Risiko Teknologi Informasi Terkait Manipulasi dan Peretasan Sistem pada Bank XYZ Tahun 2020 Menggunakan ISO 31000:2018,” J. Telemat., vol. 15, no. 2, pp. 63–70, 2020.

T. Meyer and G. Reniers, Engineering Risk Management. De Gruyter, 2022. doi: 10.1515/9783110665338.

A. Rocha, “2019 14th Iberian Conference on Information Systems and Technologies (CISTI)?: proceedings of CISTI’2019 - 14th Iberian Conference on Information Systems and Technologies?: 19 to 22 of June 2019, Coimbra, Portugal,” 14th Iber. Conf. Inf. Syst. Technol., no. June, pp. 1–6, 2019.

A. Widyastuti and N. A. N. Zakiyah, “Amanah di Balik Implementasi Manajemen Risiko,” Reviu Akunt. dan Bisnis Indones., vol. 5, no. 2, pp. 151–163, Dec. 2021, doi: 10.18196/rabin.v5i2.12966.

E. Sudarmanto, “Manajemen Risiko: Deteksi Dini Upaya Pencegahan Fraud,” J. Ilmu Manaj., vol. 9, no. 2, p. 107, Jun. 2020, doi: 10.32502/jimn.v9i2.2506.

S. Tranchard, “The new ISO 31000 keeps risk management simple,” Gov. Dir., no. May, pp. 180–183, 2018.

W. Y. Nuswantoro, U. Pembangunan, N. Veteran, J. Timur, and K. Surabaya, “Penerapan Manajemen Risiko Berbasis Aset Sebagai Salah Satu Bentuk Pengamanan Perusahaan pada PT . XYZ,” J. Manaj., vol. 2, no. 1, pp. 93–102, 2023, doi: 10.55123/mamen.v2i1.1209.

B. Prihartono, G. Audrey, P. Annasthacia, and F. Fahlevi, “KEPENTINGAN BERBASIS PROSES BISNIS PADA PT X,” vol. 18, no. 10, pp. 120–129, 2023.

M. M. Sine and E. Maria, “Analisis Manajemen Risiko pada Penerapan Sistem Informasi Pembangunan Daerah (SIPD) Menggunakan IEC/ISO 31010:2019,” Build. Informatics, Technol. Sci., vol. 4, no. 1, 2022, doi: 10.47065/bits.v4i1.1531.

S. A. Atmojo and A. D. Manuputty, “Analisis Manajemen Risiko Teknologi Informasi Menggunakan ISO 31000 pada Aplikasi AHO Office,” JATISI (Jurnal Tek. Inform. dan Sist. Informasi), vol. 7, no. 3, pp. 546–558, 2020, doi: 10.35957/jatisi.v7i3.525.

W. F. Worotikan and E. Maria, “KLIK: Kajian Ilmiah Informatika dan Komputer Penerapan ISO 31000:2018 untuk Manajemen Risiko E-Ticketing Taman Rekreasi XYZ,” Media Online, vol. 3, no. 5, pp. 449–456, 2023, [Online]. Available: https://djournals.com/klik

M. Miftakhatun, “Analisis Manajemen Risiko Teknologi Informasi pada Website Ecofo Menggunakan ISO 31000,” J. Comput. Sci. Eng., vol. 1, no. 2, pp. 128–146, Aug. 2020, doi: 10.36596/jcse.v1i2.76.

M. I. Fachrezi, “Manajemen Risiko Keamanan Aset Teknologi Informasi Menggunakan Iso 31000:2018 Diskominfo Kota Salatiga,” JATISI (Jurnal Tek. Inform. dan Sist. Informasi), vol. 8, no. 2, pp. 764–773, 2021, doi: 10.35957/jatisi.v8i2.789.

K. M. Linda Lole and E. Maria, “Analisis Manajemen Risiko Pada Aplikasi Pegadaian Digital Service Menu Tabungan Emas Menggunakan ISO 31000:2018,” J. Sist. Komput. dan Inform., vol. 3, no. 3, p. 319, 2022, doi: 10.30865/json.v3i3.3891.

D. Andika and A. Wijaya, “MANAJEMEN RISIKO TEKNOLOGI INFORMASI MENGGUNAKAN FRAMEWORK ISO 31000:2018 PADA PT. TRUST LERINVITAL TIMUR,” J. Mnemon., vol. 5, no. 2, pp. 111–118, Aug. 2022, doi: 10.36040/mnemonic.v5i2.4778.

A. Bharadwaj, M. Keil, and M. Mähring, “Effects of information technology failures on the market value of firms,” J. Strateg. Inf. Syst., vol. 18, no. 2, pp. 66–79, 2009, doi: 10.1016/j.jsis.2009.04.001.

ISO Standards, “ISO 31000:2018 Risk management – Guidelines. International Organization for Standardization.,” ISO Stand., 2018.


Bila bermanfaat silahkan share artikel ini

Berikan Komentar Anda terhadap artikel Analisis Manajemen Risiko Teknologi Informasi Menggunakan Framework ISO 31000:2018

Dimensions Badge

ARTICLE HISTORY


Published: 2023-10-28
Abstract View: 118 times
PDF Download: 75 times

Issue

Vol. 4 No. 2 (2023): Oktober 2023

Section

Articles

Copyright (c) 2023 Devara Liko Ivander, Frederik Samuel Papilaya

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.

Authors who publish with this journal agree to the following terms:

  1. Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under Creative Commons Attribution 4.0 International License that allows others to share the work with an acknowledgment of the work's authorship and initial publication in this journal.
  2. Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgment of its initial publication in this journal.
  3. Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (Refer to The Effect of Open Access).