Manajemen Risiko Teknologi Informasi Aplikasi E-Office ASN Menggunakan ISO 31000:2018

Abstract

In carrying out the task of government affairs at Diskominfosanditik Sumedang Regency, an E-Government system is implemented, namely the ASN E-Office application which is a website-based and mobile-based application with a minimum specification of Android 4 which is used by all ASN (State Civil Apparatus) consisting of PNS (Civil Servants) and PPPK (Government Employees with Work Agreements) in Sumedang Regency. With this application, there may be threats and attacks including vulnerabilities that pose a risk, which disrupt the process of using the application. Therefore, the researcher decided to conduct information technology risk management research as a handling and protection of the application by applying the risk management process from ISO 31000:2018 where any information needed in this research was obtained from internal sources at Diskominfosanditik Sumedang Regency. This research was conducted in the informatics section and resulted in 14 possible risks consisting of 3 risks with high levels, 2 risks with medium levels, and 9 risks with low levels. From the GAP measurement, there is a difference that the need for risk measurement as the first step for risk management.