Information System Risk Management Analysis with ISO 31000 Method at the Industry and Manpower Office
Abstract
Every government agency, must have administrative assets and application systems used, as well as the industrial sector of the Salatiga City Disperinnaker. From each of these activities, there must be threats and risks. To minimize it, a risk analysis is needed in order to prevent, treat, and improve the risks that occur. This risk analysis uses the ISO 31000 method. The ISO 31000 method is more perspective and conceptual compared to other ISO methods. There are 2 stages in this risk analysis, namely risk assessment and risk treatment. The purpose of conducting a risk analysis using the ISO 31000 method is to identify possible risks that arise and to know the level of impact of these risks and to come up with proposals for actions or efforts to minimize the risks that occur, both for assets and applications used in the Salatiga City Disperinnaker industry. so that activities can run optimally.
References
[2] S. A. Sherer and S. Alter, “Information Systems Risks and Risk Factors: Are They Mostly About Information Systems?,” Commun. Assoc. Inf. Syst., vol. 14, no. May 2014, 2004, doi: 10.17705/1cais.01402.
[3] N. Student et al., “Developing a Risk Management System for Information Systems Security Incidents,” Georg. Inst. Technol. Copyr., vol. 28, no. 1, pp. 1–6, 2014, [Online]. Available: http://www.sba-research.org/team/senior-researcher/andreas-ekelhart/%5Cnhttp://aisel.aisnet.org/cais/vol28/iss1/22%5Cnhttp://www.occ.gov/publications/publications-by-type/comptrollers-handbook/mis.pdf%5Cnhttp://www.carat.ku.edu/CARAT/research/papers-belie.
[4] G. Stoneburner, A. Goguen, and A. Feringa, “Risk Management Guide for Information Technology Systems (Special Publication 800-30). Gaithersburg, MD: National Institute of Standards and Technology,” 2002.
[5] H. Očevčić, K. Nenadić, K. Šolić, and T. Keser, “The impact of information system risk management on the frequency and intensity of security incidents,” Int. J. Electr. Comput. Eng. Syst., vol. 8, no. 2, pp. 41–46, 2017, doi: 10.32985/ijeces.8.2.1.
[6] S. Amraoui, M. Elmaallam, H. Bensaid, and A. Kriouile, “Information Systems Risk Management: Litterature Review,” Comput. Inf. Sci., vol. 12, no. 3, p. 1, 2019, doi: 10.5539/cis.v12n3p1.
[7] O. Đurković and L. Raković, “Risks in Information Systems Development Projects,” Management, vol. 4, no. 1, pp. 013–019, 2009.
[8] V. Cantino, P. De Vincentiis, and G. Racca, “Risk management : Risk management :,” vol. 51, no. 4, pp. 1–12, 2016.
[9] M. Leitch, “ISO 31000:2009 - The new international standard on risk management: Perspective,” Risk Anal., vol. 30, no. 6, pp. 887–892, 2010, doi: 10.1111/j.1539-6924.2010.01397.x.
[10] S. N. Luko, “Risk management principles and guidelines,” Qual. Eng., vol. 25, no. 4, pp. 451–454, 2013, doi: 10.1080/08982112.2013.814508.
[11] M. Miftakhatun, “Analisis Manajemen Risiko Teknologi Informasi pada Website Ecofo Menggunakan ISO 31000,” J. Comput. Sci. Eng., vol. 1, no. 2, pp. 128–146, 2020, doi: 10.36596/jcse.v1i2.76.
[12] F. F. Sudarsono, R. W. Saputra, N. Sani, N. F. Nisa, I. Jannah, and I. S. Rozas, “Analisis Manajemen Risiko Berdasarkan ISO 31000 Pada Pesantren Luhur AlHusna Wonocolo Surabaya - Jurnal Ekonomi dan Manajemen Vol.11 No.12014,” 2018, pp. 160–173.
[13] B. Baharuddin and M. M. Yusof, “Evaluation of risk management practices in information systems project in the public sector,” J. Pengur., vol. 53, no. 2018, pp. 23–36, 2018, doi: 10.17576/pengurusan-2018-52-03.
[14] K. B. Mahardika, A. F. Wijaya, and A. D. Cahyono, “Manajemen Risiko Teknologi Informasi Menggunakan Iso 31000 : 2018 (Studi Kasus: Cv. Xy),” Sebatik, vol. 23, no. 1, pp. 277–284, 2019, doi: 10.46984/sebatik.v23i1.572.
[15] H. T. I. Driantami, Suprapto, and A. R. Perdanakusuma, “Analisis Risiko Teknologi Informasi Menggunakan ISO 31000 ( Studi kasus : Sistem Penjualan PT Matahari Department Store Cabang Malang Town Square ),” J. Pengemb. Teknol. Inf. dan Ilmu Komput., vol. 2, no. 11, pp. 4991–4998, 2018.
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.
JATIS oleh http://jurnal.mdp.ac.id/index.php/jatisi disebarluaskan di bawah Lisensi Creative Commons Atribusi-BerbagiSerupa 4.0 Internasional.
