The Analysis of Information Technology Risk Management in Companies Using the ISO 31000 Framework (Case Study: PT. Bank BTPN, Tbk)
DOI:
https://doi.org/10.1234/siti.v2i2.252Keywords:
Risk Management, Information Technology, Risk Analysis, ISO 31000Abstract
Bank BTPN is a bank engaged in general banking, resulting from the merger of PT. Bank Tabungan Pensiunan Nasional Tbk with PT. Bank Sumitomo Mitsui Indonesia. With the advancement of technology, information technology has been implemented in the business activities of banking companies. Running business processes certainly involves various risks with negative impacts. Therefore, the implementation of information technology risk management is necessary. The goal is to analyze and identify risks that may or have already occurred so that mitigation processes can be formulated. One method that will be used in the risk management analysis at PT. Bank BTPN Tbk is by using the ISO 31000 standard framework. The process involves risk identification, risk assessment, and risk evaluation phases. The results of this risk management process create a matrix of the likelihood and impact of identified risks. Applying IT risk management using the ISO 31000 framework is expected to assist PT Bank BTPN Tbk in preventing risks and addressing the negative impacts of these risks.
Downloads
Published
How to Cite
Issue
Section
License
Copyright (c) 2024 Jurnal Sistem Informasi dan Teknologi Informasi
This work is licensed under a Creative Commons Attribution 4.0 International License.