Analisis Manajemen Risiko Pada Teknologi Informasi PT. Pos Indonesia Menggunakan ISO 31000

Abstract

As a company operating in courier delivery, logistics, and financial transaction services, PT. Pos Indonesia cannot be separated from the use of information technology as a supporting asset for its business processes. The focus of this research is PT. Pos Indonesia Palembang 30000, which is the main branch of PT. Pos Indonesia in the city of Palembang. During the use of information technology, there are several recurring issues and risks, such as hardware damage, failure in data updates and backups resulting in data loss, and system failures caused by network infrastructure disruptions, rendering the system inaccessible to employees. Currently, PT. Pos Indonesia has not conducted a specific analysis and evaluation of risks related to information technology, which can pose a risk to the success of its business activities. This research utilizes ISO 31000 as a guide for risk management analysis. The results of this research consist of risk documentation, wherein out of 31 identified risks, there are 2 high-level risks, 26 medium-level risks, and 3 low-level risks. Identification of these 31 risks will be accompanied by recommendations or suggestions regarding risk management, which are expected to mitigate these risks and can be used for prevention of information technology-related risks at PT. Pos Indonesia in the future.