Risk Management Analysis Using the ISO 31000:2018 Framework on the E-Gudang Information System of the Civil Service Police Unit of Surabaya City
Keywords:
E-Gudang, ISO 31000:2018, Risk Analysis, Risk ManagementAbstract
The role of technology in today's business world is becoming increasingly important, especially in supporting the growth of companies or organizations. By optimizing Information Systems/Information Technology (IS/IT), institutions can enhance their competitiveness. However, the optimization of information technology assets also increases the risk that can threaten the achievement of company goals. Effective IS/IT risk management is crucial to maximizing the usefulness of information technology assets and improving business process efficiency. The Civil Service Police Unit (Satpol PP) requires good IS/IT risk management, particularly for the E-Gudang Information System used to manage Confiscated Goods (BHP). The risks of data loss, information leakage, and data input errors are challenges faced by Satpol PP in Surabaya. The E-Gudang Information System helps control BHP, manage inventory, and is integrated with other departments such as the public order and general affairs divisions. However, operational risks remain. Therefore, a comprehensive information technology risk management analysis is needed. The ISO 31000:2018 method is used to identify, assess, and manage these risks. ISO 31000:2018 provides guidelines for risk assessment, helping to evaluate the risk value of each identified risk. This study aims to minimize potential risks and provide recommendations to Satpol PP regarding risks in the E-Gudang Information System. The results of this study found 12 potential risk threats, including 2 with a high level, 9 with a medium level, and 1 with a low level.
Downloads
References
T. Widy Chrisanty and J. Tambotoh, “ANALISIS MANAJEMEN RISIKO SISTEM INFORMASI MENGGUNAKAN ISO 31000:2018 di PT. XYZ,” 2023.
V. Patrick, P. Wijaya, and A. D. Manuputty, “Manajemen Risiko Teknologi Informasi Pada BTSI UKSW Menggunakan ISO 31000:2018,” vol. 9, no. 2, pp. 1295–1307, 2022.
N. N. Setyaningrum and E. Maria, “PENERAPAN ISO 31000:2018 UNTUK MANAJEMEN RISIKO PADA SISTEM INFORMASI SEKOLAH TERPADU,” 2024.
F. Mahardika, M. Agreindra H, S. A. Fatimah, and L. T. Nur F, “Manajemen Risiko Teknologi Informasi Aplikasi E-Office ASN Menggunakan ISO 31000:2018,” Infotekmesin, vol. 14, no. 2, pp. 237–243, Jul. 2023, doi: 10.35970/infotekmesin.v14i2.1877.
ISO, “ISO 31000:2018 Risk management — Guidelines,” www.iso.org. Accessed: Jul. 26, 2024. [Online]. Available: https://www.iso.org/standard/65694.html
Y. Erlika et al., “Analisis IT Risk Management di Universitas Bina Darma Menggunakan ISO31000”.
V. Patrick, P. Wijaya, and A. D. Manuputty, “Manajemen Risiko Teknologi Informasi Pada BTSI UKSW Menggunakan ISO 31000:2018,” vol. 9, no. 2, pp. 1295–1307, 2022.
W. Harefa and K. D. Hartomo, “Analisis Manajemen Risiko Dengan Menggunakan Framework ISO 31000:2018 Pada Sistem Informasi Gudang,” Jurnal Teknik Informatika dan Sistem Informasi, vol. 9, pp. 407–420, Mar. 2022, [Online]. Available: http://jurnal.mdp.ac.id
Peraturan Pemerintah RI, “PERATURAN PEMERINTAH REPUBLIK INDONESIA NOMOR 16 TAHUN 2018.” Accessed: Aug. 15, 2024. [Online]. Available: https://peraturan.bpk.go.id/Details/77284/pp-no-16-tahun-2018
H. Bahalwan, R. Puspitasari, and F. Wahmuda, “Redesain Rompi Multifungsi Satuan Polisi Pamong Praja (Satpol PP),” Jurnal Ilmu Komputer dan Desain Komunikasi Visual, vol. 9, no. 1, Jul. 2024.
G. Stoneburner, A. Goguen, and A. Feringa, Risk Management Guide for Information Technology Systems Recommendations of the National Institute of Standards and Technology. Gaithersburg: National Institute of Standards and Technology Special Publication, 2002.
R. I. Liperda and U. Ayu Septia Nieng, “ANALISIS MANAJEMEN RESIKO APLIKASI MYPERTAMINA DENGAN MENGGUNAKAN ISO 31000,” INFOTECH journal, vol. 9, no. 2, pp. 361–370, Jul. 2023, doi: 10.31949/infotech.v9i2.6232.
P. Kanantyo, F. S. Papilaya, K. S. Wacana, J. Blotongan, K. Salatiga, and J. Tengah, “Analisis Risiko Teknologi Informasi Menggunakan ISO 31000 (Learning Management System SMPN 6 Salatiga),” 2021. [Online]. Available: http://jurnal.mdp.ac.id
F. Moi and I. G. A. N. Purnawirati, “Analisis Manajemen Risiko Pada Proyek Pembangunan Ruas Jalan Baru Waebetu – Tarawaja,” Jurnal Talenta Sipil, vol. 4, no. 1, p. 79, Feb. 2021, doi: 10.33087/talentasipil.v4i1.52.
V. Patrick, P. Wijaya, and A. D. Manuputty, “Manajemen Risiko Teknologi Informasi Pada BTSI UKSW Menggunakan ISO 31000:2018,” Jurnal Teknik Informatika dan Sistem Informasi, vol. 9, no. 2, pp. 1295–1307, 2022.
S. Sarjana et al., Manajemen Risiko. Kota Bandung: CV. MEDIA SAINS INDONESIA, 2022.
Downloads
Published
How to Cite
Issue
Section
License
Copyright (c) 2024 TeIKa
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.
The submitting author warrants that the submission is original and that she/he is the author of the submission together with the named co-authors; to the extend the submission incorporates text passages, figures, data or other material from the work of others, the submitting author has obtained any necessary permission.
Articles in this journal are published under the Creative Commons Share Alike Attribution Licence (CC-BY-SA What does this mean?). This is to get more legal certainty about what readers can do with published articles, and thus a wider dissemination and archiving, which in turn makes publishing with this journal more valuable for you, the authors.
By submitting an article the author grants to this journal the non-exclusive right to publish it. The author retains the copyright and the publishing rights for his article without any restrictions.
