Manajemen Risiko Teknologi Informasi Aplikasi E-Office ASN Menggunakan ISO 31000:2018

  • Fathoni Mahardika Fakultas Teknologi Informasi Universitas Sebelas April
  • Muhammad Agreindra H Fakultas Teknologi Informasi Universitas Sebelas April
  • Siti Ainun Fatimah Fakultas Teknologi Informasi Universitas Sebelas April
  • Lusi Tsulutsiah Nur F Fakultas Teknologi Informasi Universitas Sebelas April
Abstract views: 475 , PDF downloads: 376
Keywords: risk management, e-office, asn, ISO 31000


In carrying out the task of government affairs at Diskominfosanditik Sumedang Regency, an E-Government system is implemented, namely the ASN E-Office application which is a website-based and mobile-based application with a minimum specification of Android 4 which is used by all ASN (State Civil Apparatus) consisting of PNS (Civil Servants) and PPPK (Government Employees with Work Agreements) in Sumedang Regency. With this application, there may be threats and attacks including vulnerabilities that pose a risk, which disrupt the process of using the application. Therefore, the researcher decided to conduct information technology risk management research as a handling and protection of the application by applying the risk management process from ISO 31000:2018 where any information needed in this research was obtained from internal sources at Diskominfosanditik Sumedang Regency. This research was conducted in the informatics section and resulted in 14 possible risks consisting of 3 risks with high levels, 2 risks with medium levels, and 9 risks with low levels. From the GAP measurement, there is a difference that the need for risk measurement as the first step for risk management.



Y. H. Akbar and L. Nurhayati, “Information System Risk Management Analysis Using Octave-S Method,” J-Sin’s-Jurnal Sist. Inf., vol. 3, no. 2, 2019.

F. A. Hardianto and Y. S. Dharmawan, “Manajemen Risiko TI ISO 31000 Dengan Cobit 5 Dan FMEA (PT. XYZ),” J. SITECH Sist. Inf. dan Teknol., vol. 4, no. 2, pp. 133–146, 2021.

F. Mahardika, “Manajemen Risiko Keamanan Informasi Menggunakan Framework NIST SP 800-30 Revisi 1 (Studi Kasus: STMIK Sumedang),” vol. 02, no. 02, 2017.

K. B. Mahardika, A. F. Wijaya, and A. D. Cahyono, “Manajemen risiko teknologi informasi menggunakan iso 31000: 2018 (studi kasus: cv. xy),” Sebatik, vol. 23, no. 1, pp. 277–284, 2019.

R. M. Candra, Y. N. Sari, I. Iskandar, and F. Yanto, “Sistem Manajemen Risiko Keamanan Aset Teknologi Informasi Menggunakan ISO 31000: 2018,” J. CoreIT, vol. 5, no. 1, pp. 19–28, 2019.

M. I. Fachrezi, “Manajemen Risiko Keamanan Aset Teknologi Informasi Menggunakan Iso 31000: 2018 Diskominfo Kota Salatiga,” JATISI (Jurnal Tek. Inform. dan Sist. Informasi), vol. 8, no. 2, pp. 764–773, 2021.

S. A. Atmojo and A. D. Manuputty, “Analisis Manajemen Risiko Teknologi Informasi Menggunakan ISO 31000 Pada Aplikasi AHO Office,” JATISI (Jurnal Tek. Inform. dan Sist. Informasi), vol. 7, no. 3, pp. 546–558, 2020.

H. I. Pribadi and E. Ernastuti, “Manajemen Risiko Teknologi Informasi Pada Penerapan E-Recruitment Berbasis ISO 31000: 2018 Dengan FMEA (Studi Kasus PT Pertamina),” JSINBIS (Jurnal Sist. Inf. Bisnis), vol. 10, no. 1, pp. 28–35, 2020.

D. L. Ramadhan, R. Febriansyah, and R. S. Dewi, “Analisis Manajemen Risiko Menggunakan ISO 31000 pada Smart Canteen SMA XYZ,” JURIKOM (Jurnal Ris. Komputer), vol. 7, no. 1, pp. 91–96, 2020.

N. Matondang, I. N. Isnainiyah, and A. Muliawatic, “Analisis manajemen risiko keamanan data sistem informasi (Studi kasus: RSUD XYZ),” J. RESTI (Rekayasa Sist. dan Teknol. Informasi), vol. 2, no. 1, pp. 282–287, 2018.

I. P. A. E. Pratama and M. T. S. Pratika, “Manajemen risiko teknologi informasi terkait manipulasi dan peretasan sistem pada Bank XYZ tahun 2020 menggunakan ISO 31000: 2018,” J. Telemat., vol. 15, no. 2, pp. 63–70, 2020.

R. Budiarto, “Manajemen risiko keamanan sistem informasi menggunakan metode fmea dan iso 27001 pada organisasi xyz,” CESS (Journal Comput. Eng. Syst. Sci., vol. 2, no. 2, pp. 48–58, 2017.

W. Harefa and K. D. Hartomo, “Analisis Manajemen Risiko Dengan Menggunakan Framework ISO 31000: 2018 Pada Sistem Informasi Gudang,” JATISI (Jurnal Tek. Inform. dan Sist. Informasi), vol. 9, no. 1, pp. 407–420, 2022.

E. Saputra, C. Rudianto, and P. F. Tanaem, “Analisis Resiko Sistem Informasi Penjualan Berbasis ISO 31000: Study Kasus PT XYZ,” J. Pengemb. Sist. Inf. dan Inform., vol. 3, no. 1, pp. 1–10, 2022.

H. Hardjomidjojo, C. Pranata, and G. Baigorria, “Rapid assessment model on risk management based on ISO 31000: 2018,” in IOP Conference Series: Earth and Environmental Science, 2022, vol. 1063, no. 1, p. 12043.

H. Qinthara, W. Sutari, and S. A. Salma, “Design of Risk Management System on Material Handling Services to Fulfill ISO 9001: 2015 Requirements Clause 6.1 Based on ISO 31000: 2018,” JKIE (Journal Knowl. Ind. Eng., vol. 8, no. 3, pp. 154–166, 2021.

D. Hendarwan, “Penerapan Manajemen Resiko (Risk Management) Dengan Pendekatan Iso 31000: 2018 Dalam Pelaksanaan Strategi Perusahaan,” Adminika, vol. 8, no. 1, pp. 58–72, 2022.

PlumX Metrics