Evaluasi Manajemen Risiko Teknologi Informasi Berdasarkan Framework COBIT 5 Pada PT.BTM

“…In the context of IT risk management, it is the process of identifying, conducting risk assessments, as well as the process of finding and developing IT risk mitigations such as transfer, avoidance, or mitigation in accordance with the enterprise's risk appetite, accompanied by the preparation of communication strategies that have the potential to harm the organization [18][19] [20]. NIST (National Institute of Standards and Technology) defines information technology risk management as a process consisting of risk assessment which is a stage to identify risks and look for possible impacts in order to find appropriate mitigation or handling steps, then risk mitigation, which is the stage to provide prioritizing the magnitude level caused by risk is followed by evaluating the causes and impacts of risk accompanied by the application of appropriate monitoring to address known risks and impacts on the risk process, the last process is evaluation and assessment which is the stage to follow up risk evaluation by providing best practice for successful risk management [21]. COBIT 5 for Risk provides specific guidance regarding all effective enablers for risk management from two perspectives, namely risk function and risk management.…”

Risk Management using COBIT 5 for Risk : A Case Study on Local Government in Indonesia

“…In the context of IT risk management, it is the process of identifying, conducting risk assessments, as well as the process of finding and developing IT risk mitigations such as transfer, avoidance, or mitigation in accordance with the enterprise's risk appetite, accompanied by the preparation of communication strategies that have the potential to harm the organization [18][19] [20]. NIST (National Institute of Standards and Technology) defines information technology risk management as a process consisting of risk assessment which is a stage to identify risks and look for possible impacts in order to find appropriate mitigation or handling steps, then risk mitigation, which is the stage to provide prioritizing the magnitude level caused by risk is followed by evaluating the causes and impacts of risk accompanied by the application of appropriate monitoring to address known risks and impacts on the risk process, the last process is evaluation and assessment which is the stage to follow up risk evaluation by providing best practice for successful risk management [21]. COBIT 5 for Risk provides specific guidance regarding all effective enablers for risk management from two perspectives, namely risk function and risk management.…”

Risk Management using COBIT 5 for Risk : A Case Study on Local Government in Indonesia

“…Untuk meminimalisir dampak terhadap organisasi, maka perlu dilakukan manajemen risiko. Terdapat tiga tahap manajemen risiko teknologi yakni risk assesment, risk mitigation, dan evaluation dan assesment (Putra, Ambarwati, & Setiawan, 2019).…”

Penilaian Risiko Keamanan Data Karyawan Pada Sistem Informasi Dengan Menggunakan Framework Nist Sp 800-30 pada PT. ABC

“…Manajemen risiko diperlukan dalam mengatur proses bisnis agar berjalan secara efektif sehingga memberi keuntungan bagi perusahaan dan meminimalisir dampak yang disebabkan risiko IT [4]. Terdapat tiga tahap manajemen risiko teknologi yakni risk assesment, risk mitigation, dan evaluation and assesment [5]. Tahap pertama Risk assesment adalah proses identifikasi risiko dan dampak risiko sehingga diketahui rekomendasi kontrol untuk meminimalisir risiko.…”

Analisa Manajemen Risiko E-Learning Edlink Menggunakan Metode NIST SP 800-30 Revisi 1