ANALYSIS OF INFORMATION SYSTEM RISK MANAGEMENT IN THE USE OF E-PURCHASING APPLICATIONS BASED ON ISO 31000 (CASE STUDY: ASHA STORE)
DOI:
https://doi.org/10.58878/sutasoma.v3i2.385
Keywords:
Risk Management, ISO 31000, Information Systems, E-purchasing, ASHA Stores
Abstract
The development of information technology has driven digitalization in various sectors, including the procurement of government goods and services through the E-purchasing system. ASHA Store is one of the businesses that uses the e-Catalog and Mbizmarket platforms to carry out transactions with government agencies. In practice, however, the information system used also introduces various operational risks that can disrupt the smooth running of the business. This study aims to analyze the information system risk management implemented by ASHA Store using the ISO 31000:2018 framework. The method used is a descriptive qualitative approach, with data collected through interviews, observations, and documentation. The results of the study showed that ten main risks were identified, including internet connection disruptions, inaccessible applications, and delays in updating product data and shipping goods. These risks were then analyzed based on their likelihood and impact to obtain mitigation priorities. Control measures were carried out with strategies such as increasing staff training, providing backup networks, and implementing dual authentication and data backup SOPs. With periodic evaluation and monitoring, the implementation of ISO 31000-based risk management has proven effective in helping ASHA Store identify, analyze, and control information system risks systematically and sustainably.
License
Copyright (c) 2025 I Wayan Ady Juliantara, Wayan Eka Ariawan, I Nyoman Ariana Guna

This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.