Manajemen Risiko Teknologi Informasi Pada Aplikasi CMS di PT. Sarana Citranusa Kabil - Batam Menggunakan ISO31000:2018

Abstract

Purpose: The purpose of this research is to assist PT SCN in improving its ability in risk management, by minimizing the risks contained in the CMS application. In addition, it aims to provide recommendations some risk action for risks that have been identified. Methodology/approach: Object of this research is PT Sarana Citranusa Kabil – Batam. In order to support its business activities, PT SCN uses a application, called Cash Management System (CMS). This study was conducted using method of case study research. Technique of data collection is in the form of observation. The procedures of this research follow the ISO31000:2018 standard. Results/findings: This study found that (i) there are 20 possible risks, which can disrupt the performance of the CMS and business activities; (ii) 2 possible risks with high level; (iii) 10 possible risks with medium level; (iv) 8 possible risks with low level. Limitations: This research focuses on risk management in the use of CMS applications. The research does not address risks outside of information technology, for example, health and safety environmental issues. Contribution: The result of this risk analysis is a proposed action recommendation based on the impact and frequency of occurrence. Finally, PT SCN can prevent and minimize risks so that the function of the CMS application can run optimally.