Business Continuity Risk Analysis, Monitoring and Evaluation of Information Technology at PT ABC

Authors

  • Raymond Adrian Hardha, Informatics Engineering Study Program
  • Adi Wibowo, Informatics Engineering Study Program
  • Agustinus Noertjahyana, Informatics Engineering Study Program

Keywords:

Confucius, Educational values, Chinese language education, CHHS Course Institute, Chinese language teachers

Abstract

PT ABC is a company engaged in the production of reinforced
concrete. In carrying out its business processes, the company
uses servers, networks, software, hardware, and PC software. When
one of these systems is disrupted, data processing is hampered:
data must be processed manually and entered into the database
after the system is running normally again. Given the situation
and condition of PT ABC, risks such as damage to data integrity
and disruption of business process continuity cannot be ruled out.
This thesis conducts a risk analysis of IT continuity and
monitoring at PT ABC. The risk analysis uses the ISO 31000
framework, the process analysis uses the COBIT 4.1 control
practices, and the risk value is calculated with the OWASP risk
rating methodology. The analysis found 7 risks. The one risk with
high severity is that the company has no one responsible for
monitoring irregularities. The two medium risks are that the
company has no business continuity plan and no framework for
building that plan. The four risks with low severity are that the
company has no offsite backup, has no priority plan, provides no
training for employees to upgrade their analysis skills, and never
updates its IT continuity plan.

Published

2015-08-14
