Matriks Evaluasi Risiko Penerapan IS/IT Menggunakan Standar ISO 31000:2018 (Studi Kasus: PT XYZ)
DOI:
https://doi.org/10.61769/telematika.v17i2.522Keywords:
risk management, ISO 31000, risk of implementation IS/IT, IS/IT risk, risk treatmentAbstract
PT XYZ is one of the largest trading companies in Palembang city. PT XYZ utilizes IS/IT to support its business processes. PT XYZ uses computers, LANs, servers, supported applications, and applications made by the IT team. IS/IT implementation at PT XYZ was not always smooth. PT XYZ had experienced problems, such as Wi-Fi problems, applications problems, not updated applications, and other human errors. PT XYZ has concerns that those problems will risk burdening the business processes in the company. The purpose of this research is to analyzee the risk of implementing IS/IT using the ISO 31000:2018 standard. All steps in IS/IT implementation risk management with ISO 31000:2018 standards have been implemented well at PT XYZ. From the results of this study, there are 21 possible risks with the risk management option plan chosen by the company, 10% risk is acceptable, 57% risk can be mitigated, 29% risk must be avoided, and 5% risk will be shared for handling the risk. Handling this risk is expected to assist the company in dealing with IS/IT implementation risks that can occur at any time.
References
N. F. Astuti, “Manfaat Teknologi Informasi di Berbagai Bidang, Memudahkan Kehidupan Manusia.” Merdeka (30 Desember 2020). [Daring]. Tersedia: https://www.merdeka.com/jabar/manfaat-teknologi-informasi-di-berbagai-bidang-memudahkan-kehidupan-manusia-kln.html
D. Larasati, “Manajemen Risiko pada Sistem Informasi Distribusi Produk Menggunakan ISO 31000:2009 (Studi Kasus: PT Sinar Niaga Sejahtera Distributor Produk Garudafood Depo Lahat),” Skripsi, Prodi Sistem Informasi Universitas Sriwijaya, Palembang, 2021.
G. M. Marakas dan J. A. O’Brien, Pengantar Sistem Informasi (Introduction to Information Systems), Ed. 16. Jakarta: Salemba Empat, 2017.
A. Kadir, Pengenalan Sistem Informasi, Revisi. Yogyakarta: Andi, 2014.
D. M. M. Hanafi, Manajemen Risiko, Ed. 1. Yogyakarta: Unit Penerbit dan Percetakan Sekolah Tinggi Ilmu Manajemen YKPN, 2006.
ISO, “ISO 31000:2018 Risk Management - Guidelines,” 2018. [Daring]. Tersedia: https://www.iso.org/obp/ui/#iso:std:iso:31000:ed-2:v1:en [21 Feb 2022].
ISO, “ISO 31000:2009 Risk Management - Principles and Guidelines,” 2009. [Daring]. Tersedia: https://www.iso.org/obp/ui/#iso:std:iso:31000:ed-1:v1:en [21 Feb 2022].
S. A. K. Rafiie, Manajemen: Teori dan Aplikasi, Ed. 1. Bandung: Alfabeta, 2017.
Sugiyono, Metode Penelitian Bisnis, Ed. 1, Bandung: Alfabeta, 2014.
Badan Standardisasi Nasional, “Penerapan Manajemen ISO 31000:2018,” hlm. 173, 2018. [Daring]. Tersedia: http://www.hzg.de/imperia/md/content/gkss/zentrale_einrichtungen/bibliothek/berichte/gkss_berichte_2008/gkss_2008_1.pdf
Downloads
Published
Issue
Section
License
Copyright (c) 2023 Ivana Celesta, Maria Bellaniar Ismiati
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.
You are free to:
- Share — copy and redistribute the material in any medium or format for any purpose, even commercially.
- Adapt — remix, transform, and build upon the material for any purpose, even commercially.
- The licensor cannot revoke these freedoms as long as you follow the license terms.
Under the following terms:
- Attribution — You must give appropriate credit, provide a link to the license, and indicate if changes were made. You may do so in any reasonable manner, but not in any way that suggests the licensor endorses you or your use.
- ShareAlike — If you remix, transform, or build upon the material, you must distribute your contributions under the same license as the original.
- No additional restrictions — You may not apply legal terms or technological measures that legally restrict others from doing anything the license permits.
Notices:
You do not have to comply with the license for elements of the material in the public domain or where your use is permitted by an applicable exception or limitation.
No warranties are given. The license may not give you all of the permissions necessary for your intended use. For example, other rights such as publicity, privacy, or moral rights may limit how you use the material.