Business Continuity Risk Analysis, Monitoring and Evaluation of Information Technology at PT ABC

Raymond Adrian Hardha(1*), Adi Wibowo(2), Agustinus Noertjahyana(3)

(1) Informatics Engineering Study Program
(2) Informatics Engineering Study Program
(3) Informatics Engineering Study Program
(*) Corresponding Author

Abstract


PT ABC is a company engaged in the production of reinforced
concrete. In carrying out its business processes, the company
uses servers, a network, software, hardware, and PC software.
When one of these systems is disrupted, data processing is
hampered: data must be processed manually and then entered
into the database once the system runs normally again.
Given the situation and condition of PT ABC, risks such as
damage to data integrity and disruption of the continuity of
business processes cannot be ruled out.

This thesis conducts a risk analysis of IT continuity and
monitoring at PT ABC. The risk analysis uses the ISO 31000
framework, the process analysis uses the COBIT 4.1 control
practices, and the risk values are calculated with the OWASP
risk rating methodology. The analysis found 7 risks. One risk with high
severity is that the company did not have anyone responsible
for monitoring irregularities. Two medium risks are that the company did
not have a business continuity plan, nor a framework for building
that plan. Four risks with low severity are that the company did not
have an offsite backup, did not have a priority plan, provided no training
for employees to upgrade analysis skills, and never updated its IT
continuity plan.


Keywords


Risk Analysis, ISO 31000, COBIT 4.1, COBIT Control Practices, OWASP


References


International Organization for Standardization. 2005. Information technology – Security techniques – Code of practice for information security management. USA: International Organization for Standardization.

International Organization for Standardization. 2008. Risk management - Principles and guidelines on implementation. Case Postale: International Organization for Standardization.

International Organization for Standardization. 2011. Societal security - Business continuity management systems. Case Postale: International Organization for Standardization.

International Organization for Standardization. 2013. Information technology – Security techniques – Information security management systems - Requirements. Case Postale: International Organization for Standardization.

IT Governance Institute. 2007. CobiT Control Practices: Guidance to Achieve Control Objectives for Successful IT Governance, 2nd Edition. Rolling Meadows: IT Governance Institute.

IT Governance Institute. 2007. CobiT 4.1. Rolling Meadows: IT Governance Institute.

The OWASP Risk Rating Methodology. Retrieved May 23, , from https://www.owasp.org/index.php/OWASP_Risk_Rating_Methodology.

Queensland Government. Business Continuity Management Framework. Queensland Government.

Wanarta, C. 2013. IT Risk Assessment di PT X. Surabaya: Universitas Kristen Petra.

