Risk Management Analysis of Information Technology (IT) Asset Security Using ISO 31000 and FMEA
DOI:
https://doi.org/10.26740/jetis.v1i01.35823Keywords:
FMEA, Information Technology Assets, ISO 31000, Risk ManagementAbstract
Information technology assets play an important role in the running of business processes at BPS Kota Mojokerto because information technology assets are one of the important sources of information at BPS Kota Mojokerto. The absence of a structured policy regarding special handling in terms of information technology asset management and the lack of understanding of BPS employees about security and related information technology asset components are one of the causes of potential risks at BPS Kota Mojokerto. The purpose of this study is to identify, assess and mitigate risks related to information technology managed by BPS Kota Mojokerto based on the ISO 31000 and FMEA methods. This research method uses qualitative analysis through in-depth interviews and evaluation of SOP documents and related IT assets. The results of the study identified 58 overall risks to IT assets. It is hoped that the results of the risk management document can be used as a tool for BPS Kota Mojokerto to minimize risks, as well as develop detailed and systematic risk mitigation analysis.
References
[1] F. A. Hardianto dan Y. S. Dharmawan, “Manajemen Risiko TI ISO 31000 Dengan Cobit 5 Dan FMEA (PT. XYZ),” J. SITECH Sist. Inf. Dan Teknol., vol. 4, no. 2, hlm. 133–146, Feb 2022, doi: 10.24176/sitech.v4i2.6649.
[2] H. T. I. Driantami, “Analisis Risiko Teknologi Informasi Menggunakan ISO 31000 (Studi kasus: Sistem Penjualan PT Matahari Department Store Cabang Malang Town Square)”.
[3] M. I. Fachrezi, “MANAJEMEN RISIKO KEAMANAN ASET TEKNOLOGI INFORMASI MENGGUNAKAN ISO 31000:2018 DISKOMINFO KOTA SALATIGA,” JATISI J. Tek. Inform. Dan Sist. Inf., vol. 8, no. 2, hlm. 764–773, Jun 2021, doi: 10.35957/jatisi.v8i2.789.
[4] H. I. Pribadi dan E. Ernastuti, “Manajemen Risiko Teknologi Informasi Pada Penerapan E-Recruitment Berbasis ISO 31000:2018 Dengan FMEA (Studi Kasus PT Pertamina),” J. Sist. Inf. BISNIS, vol. 10, no. 1, hlm. 28–35, Mei 2020, doi: 10.21456/vol10iss1pp28-35.
[5] M. Miftakhatun, “Analisis Manajemen Risiko Teknologi Informasi pada Website Ecofo Menggunakan ISO 31000,” J. Comput. Sci. Eng. JCSE, vol. 1, no. 2, hlm. 128–146, Agu 2020, doi: 10.36596/jcse.v1i2.76.
[6] K. M. Linda Lole dan E. Maria, “Analisis Manajemen Risiko Pada Aplikasi Pegadaian Digital Service Menu Tabungan Emas Menggunakan ISO 31000:2018,” J. Sist. Komput. Dan Inform. JSON, vol. 3, no. 3, hlm. 319, Mar 2022, doi: 10.30865/json.v3i3.3891.
[7] S. Agustinus, A. Nugroho, dan A. D. Cahyono, “Analisis Risiko Teknologi Informasi Menggunakan ISO 31000 pada Program HRMS,” J. RESTI Rekayasa Sist. Dan Teknol. Inf., vol. 1, no. 3, hlm. 250–258, Des 2017, doi: 10.29207/resti.v1i3.94.
[8] B. L. Mahersmi, F. A. Muqtadiroh, dan B. C. Hidayanto, “ANALISIS RISIKO KEAMANAN INFORMASI DENGAN MENGGUNAKAN METODE OCTAVE DAN KONTROL ISO 27001 PADA DISHUBKOMINFO KABUPATEN TULUNGAGUNG,” 2016.
[9] M. R. Fawaji, I. Santosa, dan W. A. Nurtrisha, “Manajemen Risiko SIMRS Unit Rekam Medis Di Rumah Sakit Al-Ihsan Menggunakan ISO 31000:2018”.
[10] F. Mahardika, M. Agreindra H, S. A. Fatimah, dan L. T. Nur F, “Manajemen Risiko Teknologi Informasi Aplikasi E-Office ASN Menggunakan ISO 31000:2018,” Infotekmesin, vol. 14, no. 2, hlm. 237–243, Jul 2023, doi: 10.35970/infotekmesin.v14i2.1877.
Published
How to Cite
Issue
Section
License
Copyright (c) 2025 Carisa Indira Carisa Dewi, Ghea Sekar Palupi
This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.
Abstract views: 0
