Application of ISO 31000:2018 for IT Risk Management in the Publishing System of PT. X
DOI:
https://doi.org/10.55606/isaintek.v7i2.269
Keywords:
Risk Evaluation, ISO 31000:2018, Information Management, Risk Mitigation, Information Technology
Abstract
This research examines the application of ISO 31000:2018 in IT risk management within the publishing system of PT. X, a book publishing company. ISO 31000:2018 is an international standard providing systematic guidance to identify, analyze, and manage risks, aiming to enhance operational efficiency and organizational sustainability. Using a qualitative approach, this study incorporates literature reviews and interviews with the publishing manager of PT. X to further understand risk management implementation and identify existing gaps. The identified risks include natural, human, and system-related factors, totaling 23 risks such as hacking attacks, data theft, and server damage. Risk analysis was conducted using likelihood and impact parameters to evaluate the frequency and consequences of risks on company operations. The findings reveal that implementing ISO 31000:2018 offers an effective framework for managing risks at PT. X, enhancing risk awareness, safeguarding company assets, and supporting decision-making processes. This study also provides strategic recommendations to improve risk management and strengthen operational resilience at PT. X.