Information Technology Risk Management: A Case Study at a Service Company


  • Achmad Reza Viyanto, Bina Nusantara University
  • Okhran Steve Latuihamallo, Bina Nusantara University
  • Franky Mangihut Tua, Bina Nusantara University
  • Anderes Gui, Bina Nusantara University
  • Suryanto Suryanto, Bina Nusantara University



risk measurement, information technology, security, vulnerability


The purpose of this study is to identify and quantify risks that may occur at any time in the application of information technology in a company, and to provide information on the risks associated with the security of the company's information technology system. The methods used are data collection and analysis techniques. Data collection comprises literature and field studies, with the field study conducted by interview and observation. The analytical technique used to measure risk is OCTAVE-S. The results identified risks associated with security management, contingency planning, vulnerability management, and security design and architecture. It is concluded from this study that there are still many risks that can threaten the company, such as the lack of contingency and disaster recovery plans.









