Information Technology Risk Management of the ASN E-Office Application Using ISO 31000:2018
Abstract
To carry out government affairs at Diskominfosanditik Sumedang Regency, an E-Government system has been implemented: the ASN E-Office application, a website-based and mobile-based application (minimum specification Android 4) used by all ASN (State Civil Apparatus), consisting of PNS (Civil Servants) and PPPK (Government Employees with Work Agreements), in Sumedang Regency. The application may face threats and attacks, including vulnerabilities, that pose risks and disrupt its use. The researcher therefore conducted information technology risk management research to handle and protect the application, applying the risk management process from ISO 31000:2018. All information needed for this research was obtained from internal sources at Diskominfosanditik Sumedang Regency. The research was conducted in the informatics section and identified 14 possible risks: 3 high-level risks, 2 medium-level risks, and 9 low-level risks. The GAP measurement shows a difference, indicating the need for risk measurement as the first step of risk management.
Copyright (c) 2023 Fathoni Mahardika, Muhammad Agreindra H, Siti Ainun Fatimah, Lusi Tsulutsiah Nur F
This work is licensed under a Creative Commons Attribution 4.0 International License.