Analisis, Evaluasidan Mitigasi Risiko Aset Teknologi Informasi MenggunakanFramework OCTAVE dan FMEA Pada Bank Jateng Cabang Jepara
DOI:
https://doi.org/10.33633/joins.v2i2.1678Abstract
Abstrak Penerapan teknologi informasi pada sektor perbankan dapat membantu proses pengelolaan dan pengolahan informasi yang telah dilakukan oleh Bank Jateng Cabang Jepara, seperti kegiatan pengelolaan data dan informasi yang proses aktivitasnya berkaitan langsung dengan nasabahnya. Permasalahan yang sering dialami kehilangan data yang disebabkan oleh virus, data rusak, pengulangan data, maupun hak akses yang disalahgunakan oleh pihak terkait. Kejadian tersebut mengakibatkan semua kegiatan operasional terganggu dan terhenti. Tujuan dari penelitian ini adalah untuk mengetahui apa saja aset TI yang ada di perusahaan, menganalisis dan mengevaluasi dalam memperkecil risiko yang terjadi pada setiap aset TI sertamengetahui hasil penilaian atas mitigasi risiko aset teknologi informasi. Metode penelitian yang digunakan adalah Octave untuk mengelola risiko aset TI dan FMEA untuk melakukan penilaian terhadap masing-masing risiko, yang kemudian diberikan ranking berdasarkan prioritasnya. Hasil yang diperoleh dari penelitian ini adalah ranking yang mempunyai 7 risiko level very high, 11 risiko level high, 12 risiko level moderate, 21 risiko level low, 3 risiko level very low. Sehingga dari hasil RPN, yang perlu diberikan penangan khusus yaitu RPN yang mempunyai level very high dan high. Serta dengan menerapkan kontrol ISO 27002:2013 sebagai pengendalian dan prosedur Sistem Manajemen Keamanan Informasi untuk meminimalisir atau mengilangkan suatu risiko.  Kata kunci— Mitigasi Risiko, Teknologi Informasi, Aset, OCTAVE, FMEA, ISO 27002:2013. Abstract  Implementation of information technology in the banking sector can assist the process of managing and processing information that has been done by Bank Jateng Jepara Branch, such as data and information management activities that process activities directly related to its customers. Problems often experienced data loss caused by viruses, corrupted data, repetition of data, or access rights that are misused by related parties. The incident resulted in all operational activities disrupted and stopped. The purpose of this study is to find out what are the existing IT assets in the company, analyze and evaluate in minimizing the risk that occurs on each IT asset and know the results of the assessment of risk mitigation of information technology assets. The research method used is Octave to manage the risk of IT assets and FMEA to assess each risk, which is then ranked by priority. The results obtained from this research are rank that has 7 very high level risk, 11 high risk level, 12 moderate risk level, 21 low risk level, 3 very low risk level. So from the results of RPN, which needs to be given a special handler that is RPN that have very high level and high. And by applying ISO 27002: 2013 control as a control and procedures Information Security Management System to minimize or eliminate a risk. Keywords—Risk Mitigation, Information Technology, Assets, OCTAVE, FMEA, ISO 27002: 2013Downloads
Published
2017-10-17
How to Cite
[1]
P. N. Putri and H. P. Hadi, “Analisis, Evaluasidan Mitigasi Risiko Aset Teknologi Informasi MenggunakanFramework OCTAVE dan FMEA Pada Bank Jateng Cabang Jepara”, Journal of Information System, vol. 2, no. 2, pp. 213–226, Oct. 2017.
Issue
Section
Articles
License
Authors who publish with this journal agree to the following terms:
- Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
- Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
- Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (See The Effect of Open Access).
This work is licensed under a Creative Commons Attribution 4.0 International License.