The Analysis of Information Technology Risk Management in Companies Using the ISO 31000 Framework (Case Study: PT. Bank BTPN, Tbk)

Authors

  • luqman UIN Sunan Ampel Surabaya

DOI:

https://doi.org/10.1234/siti.v2i2.252

Keywords:

Risk Management, Information Technology, Risk Analysis, ISO 31000

Abstract

Bank BTPN is a bank engaged in general banking, resulting from the merger of PT. Bank Tabungan Pensiunan Nasional Tbk with PT. Bank Sumitomo Mitsui Indonesia. With the advancement of technology, information technology has been implemented in the business activities of banking companies. Running business processes certainly involves various risks with negative impacts. Therefore, the implementation of information technology risk management is necessary. The goal is to analyze and identify risks that may or have already occurred so that mitigation processes can be formulated. One method that will be used in the risk management analysis at PT. Bank BTPN Tbk is by using the ISO 31000 standard framework. The process involves risk identification, risk assessment, and risk evaluation phases. The results of this risk management process create a matrix of the likelihood and impact of identified risks. Applying IT risk management using the ISO 31000 framework is expected to assist PT Bank BTPN Tbk in preventing risks and addressing the negative impacts of these risks.

Downloads

Published

2024-03-21

How to Cite

luqman. (2024). The Analysis of Information Technology Risk Management in Companies Using the ISO 31000 Framework (Case Study: PT. Bank BTPN, Tbk). Jurnal Sistem Informasi Dan Teknologi Informasi, 2(2), 66–77. https://doi.org/10.1234/siti.v2i2.252