Analisis Manajemen Risiko pada Penerapan Sistem Informasi Pembangunan Daerah (SIPD) Menggunakan IEC/ISO 31010:2019

Abstract

The purpose of this study was to analyze the risk of information technology in the application of the Regional Development Information System (SIPD) on the development planning menu at the Department of Communication, Information, Statistics and Encoding (DKISP) of Rote Ndao Regency using the IEC/ISO 31010:2019 standard. Risk management in this study includes the stages of communication and consultation, setting context, risk assessment, including the process of risk identification, risk analysis, risk evaluation, and risk treatment. The results of the study found that there were 17 possible risks in the SIPD application on the regional development planning menu. Of the 17 possible risks, there are three high-level risks, namely financial transaction failure, data leakage, misuse of accounts in the database system. Two risks at a moderate level are unreliable data and information and inadequate application documentation, as well as 12 risks with a low level, namely abuse of access rights, proposal submission being cancelled, database system error, proposal verification failure, users not understanding the function of the SIPD application menu, error in inputting prices in shopping accounts, data input for double development planning activities, failure to input income data, expenditure data not in accordance with programs, activities and sub-programs, system failure to archive deleted data, error in inputting validation ceilings, and sources of funds not having valid information. complete in accordance with SIPD features. The results of the risk management analysis are documented in the form of a risk register for management