IT RISK MANAGEMENT ANALYSIS ON BANK XYZ E-BANKING SERVICE SYSTEM USING ISO 31000

Abstract

The growth of information technology is now forcing businesses to innovate, one of which is in the banking sector. Electronic banking or e-banking is a new system in the banking world, where the existence of e-banking can make it easier for customers to carry out banking activities. Bank XYZ has also used this e-banking service system where the services are Mobile Banking, Personal Internet Banking, Corporate Internet Banking. but there are several risks that may occur ranging from low to high level risk. The purpose of this research is to carry out a risk assessment using the ISO 3100 risk management standard on the e-banking application of Bank XYZ. The results show that there are 20 possible risks that occur and are divided into two categories, namely those that may occur from outside and from within the company. Risk analysis shows that risk has several types of impacts from small scale to disaster scale. There are also several types of risk management depending on the type of risk and the priority level of the risk, namely risk avoidance, risk sharing, risk mitigation, and risk acceptance.