PENERAPAN MANAJEMEN RISIKO ASET IT PADA PERUSAHAAN MENGGUNAKAN ISO 31000 DAN STANDAR PENGENDALIAN ISO 27001 (STUDI KASUS: PT. JASAMARGA TOLLROAD OPERATOR)

AMINAH, SITI (2023) PENERAPAN MANAJEMEN RISIKO ASET IT PADA PERUSAHAAN MENGGUNAKAN ISO 31000 DAN STANDAR PENGENDALIAN ISO 27001 (STUDI KASUS: PT. JASAMARGA TOLLROAD OPERATOR). S1 thesis, Universitas Mercu Buana Bekasi.

[img]
Preview
Text
41819210029 - Siti Aminah - 01 Cover.pdf

Download (418kB) | Preview
[img]
Preview
Text
41819210029 - Siti Aminah - 02 Abstrak.pdf

Download (30kB) | Preview
[img] Text
41819210029 - Siti Aminah - 03 BAB 1.pdf
Restricted to Registered users only

Download (35kB)
[img] Text
41819210029 - Siti Aminah - 04 BAB 2.pdf
Restricted to Registered users only

Download (185kB)
[img] Text
41819210029 - Siti Aminah - 05 BAB 3.pdf
Restricted to Registered users only

Download (166kB)
[img] Text
41819210029 - Siti Aminah - 06 BAB 4.pdf
Restricted to Registered users only

Download (248kB)
[img] Text
41819210029 - Siti Aminah - 07 BAB 5.pdf
Restricted to Registered users only

Download (25kB)
[img] Text
41819210029 - Siti Aminah - 09 Daftar Pustaka.pdf
Restricted to Registered users only

Download (220kB)
[img] Text
41819210029 - Siti Aminah - 10 Lampiran.pdf
Restricted to Registered users only

Download (1MB)

Abstract

Dalam penerapan teknologi informasi memerlukan perencanaan yang strategis agar penerapannya dapat selaras dengan tujuannya. Jika tidak sesuai dalam penerapannya, maka hal ini lah yang menimbulkan risiko. Risiko yang timbul akibat ketidaksesuaian penerapannya ini akan berakibat proses bisnis yang berjalan tidak optimal, kemudian timbul kerugian finansial, dan berbagai hal lain yang dapat merugikan perusahaan. Untuk menangani hal tersebut setiap organisasi atau perusahaan harus memiliki risk management dalam divisinya. Tujuan dari penelitian ini untuk mengetahui sejauh mana tingkat keamanan aset IT dan pengendalian dari dampak risiko yang dimiliki oleh PT Jasamarga Tollroad Operation. Metode yang digunakan adalah ISO 31000 untuk mengidentifikasi risiko serta dampaknya pada aset IT dan standar pengendalian keamanan menggunakan ISO 27001 sebagai bahan acuan pada perlakuan risiko. Dari Hasil penelitian yang dilakukan dapat ditarik kesimpulan bahwa ada 4 kemungkinan resiko yang memiliki risk level high yaitu diantaranya kesalahan pegawai (human eror), aplikasi server, database server dan email server terkena virus, kerusakan hardware, dan koneksi jaringan terputus. Kemudian ditemukan 13 kemungkinan resiko yang memiliki risk level medium dan yang terakhir ditemukan 5 kemungkinan resiko yang memiliki risk level low. Kata kunci: Risk management, ISO 31000, ISO 27001, Aset IT, Analisis Risiko In the era of increasingly rapid technological development, companies strive to keep up with the updated technology. With the existence of information technology, the productivity of an organization or company will increase. The goal is that the application of information technology can produce good value for the company. In the application of information technology requires strategic planning so that its application can be aligned with its goals. If it is not suitable in its application, then this is what poses a risk. The risks arising from the discrepancy in its application will result in business processes that run not optimally, then financial losses arise, and various other things that can harm the company. To handle this, every organization or company must have risk management in its division. The purpose of this study is to determine the extent to which the security level of IT assets and the control over the impact of risks owned by PT Jasamarga Tollroad Operation. The method used is ISO 31000 to identify risks and their impact on IT assets and security control standards use ISO 27001 as a reference for risk treatment. From the results of the research conducted, it can be concluded that there are 4 possible risks that have a high level of risk, namely employee error (human error), application server, database server and email server exposed to viruses, hardware damage, and network connections being lost. Then found 13 possible risks that have a medium risk level and finally found 5 possible risks that have a low risk level. Keywords: Risk management, ISO 31000, ISO 27001, Assets IT, Risk Analyst

Item Type: Thesis (S1)
Call Number CD: FIK/SI 23 008
NIM/NIDN Creators: 41819210029
Uncontrolled Keywords: Risk management, ISO 31000, ISO 27001, Aset IT, Analisis Risiko
Subjects: 000 Computer Science, Information and General Works/Ilmu Komputer, Informasi, dan Karya Umum > 000. Computer Science, Information and General Works/Ilmu Komputer, Informasi, dan Karya Umum > 000.01-000.09 Standard Subdivisions of Computer Science, Information and General Works/Subdivisi Standar Dari Ilmu Komputer, Informasi, dan Karya Umum
Divisions: Fakultas Ilmu Komputer > Sistem Informasi
Depositing User: siti maisyaroh
Date Deposited: 03 Oct 2023 05:31
Last Modified: 03 Oct 2023 05:31
URI: http://repository.mercubuana.ac.id/id/eprint/81834

Actions (login required)

View Item View Item