scholarly journals IT Risk Management dalam Operasional untuk Peningkatan Layanan Informasi Pesanan

KREA-TIF ◽  
2021 ◽  
Vol 9 (2) ◽  
pp. 21
Author(s):  
Rahmat Yasirandi ◽  
Andrian Rakhmatsyah ◽  
Fauzi Kurniawan

<p><em>Seharusnya dampak risiko IT yang timbul pada operasional di sebuah organisasi yang terjadi tidak bisa diabaikan begitu saja. Tak terkecuali yang sering terjadi pada restoran atau kafe. Masalah operasional yang sering ditemui adalah masalah jaminan informasi terkait pelayanan. Karena mempengaruhi tingkat kepercayaan pelanggan terhadap setiap layanan yang diberikan pihak restoran atau kafe. Setelah dilakukan manajemen tersebut, ternyata didapat bahwa kepercayaan pelanggan terkait jaminan informasi dapat diturunkan lagi menjadi 2 problems research yaitu terkait informasi yang pasti mengenai informasi status layanan, dan yang kedua terkait informasi seberapa cepat layanan yang akan pelanggan dapatkan. Sehingga di rancanglah sebuah sistem layanan informasi pesanan yang dapat menjamin kepercayaan pelanggan akan layanan informasi untuk setiap prosesnya. sehingga restoran akhirnya dapat mengurangi risiko yang dapat terjadi pada operasionalnya. Dari hasil mitigasi telah menghasilkan evaluasi bahwa risiko R2, R3, R4, R5, R6, dan R7 telah berhasil di mitigasi dengan hasil Eliminate. Dan untuk R1 dengan hasil Reduce. Dari hasil ini disimpulkan bahwa sistem yang diusulkan sebagai sebuah mitigation action plan telah terbukti dapat memitigasi risiko operasional terkait proses pesanan.</em></p>

2018 ◽  
Vol 33 (3) ◽  
pp. 117-135
Author(s):  
Nishani Edirisinghe Vincent ◽  
Julia L. Higgs ◽  
Robert E. Pinsker

ABSTRACT The Securities and Exchange Commission's 2009 enhanced proxy disclosure requirements and the updated Committee of Sponsoring Organizations' (COSO) Internal Control Framework have caused organizations to increase their focus on risk management and consider the impact of information technology (IT) in enterprise risk management. Our study examines whether board involvement, board expertise, and top management's risk culture affect the maturity of IT risk management practices (maturity) in firms. We find that board involvement positively influences maturity while top managers' risk-taking behavior is associated with lower maturity. Even though board expertise influences maturity, board involvement is more important in explaining maturity. Maturity is higher in firms where risk oversight lies with a board-level, rather than a management, committee. However, the maturity of ITRM practices does not differ among firms whether risk oversight lies with the overall board, or any other board committee. The findings contribute to an under-researched area in IT governance.


2018 ◽  
pp. 236-257
Author(s):  
Shanmugapriya Loganathan

Risks in IT are described as a form of threat in context with data security, network transfer, system scheduled processes, critical applications, and business procedures. IT risk management is broadly defined as the process of managing IT risks, and must be executed on a regular basis. It is neither a product nor a purchase, but a policy of an organization implements to protect its business systems. Managing IT risk plays a vital role in administering any business in today's world. Irrespective of the business, deep knowledge of IT risk leads to increased data security, reduced business cost, and greater compliance. This chapter deals with methodologies to improve risk management in an IT organization, their impact, and some examples.


Author(s):  
Chrisan Herrod

This chapter describes why it is important for organizations to develop and implement an IT risk management function and use best practice risk assessment methodologies that provide a standard to measure and assess risk within organizations. Information technology risk management is a significant new function that can help companies achieve world class IT service. IT risk management includes regulatory compliance, information security, disaster recovery, and project risks. IT risk management should be part of a company’s risk management strategy on an equal footing with financial risk management and reputational risk management. As the complexity of IT infrastructures increases and as businesses continue to rely upon the Internet as the communication backbone for e-business, the associated risks increase. For these reasons, deciding upon and implementing a risk management process and a standard methodology will greatly reduce the risks associated with the introduction of new technologies that support the mission of the business.


2014 ◽  
Vol 34 (4) ◽  
pp. 477-512 ◽  
Author(s):  
Placide Poba-Nzaou ◽  
Louis Raymond ◽  
Bruno Fabi

Purpose – This study aims to explore the process of open source software (OSS) adoption in small- and medium-sized enterprises (SMEs), and more specifically open source enterprise resource planning (ERP) as a “mission critical” OSS application in manufacturing. It also addresses the fundamental issue of ERP risk management that shapes this process. Design/methodology/approach – The approach is done through an interpretive case study of a small Canadian manufacturer that has adopted an open source ERP system. Findings – Interpreted in the light of the IT risk management, OSS and packaged application adoption literatures, results indicate that the small manufacturer successfully managed the adoption process in a rather intuitive manner, based on one guiding principle and nine practices. In analyzing the data, diffusion of innovation theory appeared to fit rather well with the situation observed and to offer rich insights to explain the mission-critical OSS adoption process. Research limitations/implications – A single case study of successful IT adoption should be eventually counterbalanced by future cases considered to be partial or total failures, using a wider multiple case study approach for comparative purposes. And this should include alternative theoretical interpretations and more detailed empirical work on the extent to which the distinctive features of OSS make its adoption more or less risk-laden. This initial effort should also be followed by further research on mission-critical OSS adoption in contexts other than SMEs (e.g. healthcare organizations) and other than ERP (e.g. customer-relationship management). Practical implications – This research confirms that open source is a credible alternative for SMEs that decide willingly or under external pressure to adopt a mission-critical system such as ERP. Moreover, it suggests that a high level of formalization is not always necessary. Originality/value – The authors argue that rich insights into the dynamics of the mission-critical OSS adoption process can be obtained by framing this process within an IT risk management context.


2021 ◽  
Vol 1 (03) ◽  
pp. 54-64
Author(s):  
Usman ◽  
Andika A. Yudhistira

Puntadewa outdoor merupakan sebuah perusahaan yang bergerak dalam bidang penyediaan dan penjualan perlengkapan luar ruangan, toko tersebut sudah menggunakan penerapan SI/TI dalam menunjang aktivitas bisnis yang dijalankan. Toko tersebut menggunakan aplikasi SmartConsole yang digunakan untuk menunjang penjualan, mendata stok barang, serta mendata pengeluaran sehari-hari yang dibutuhkan. Namun dalam dunia manajemen pasti selalu ada kemungkinan risiko yang mungkin dapat terjadi dan dapat mengganggu aktivitas bisnis dalam penggunaan sistem tersebut. Dengan begitu analisis risiko sangat diperlukan terhadap sumber daya SI/TI yang terdapat pada toko tersebut. Dengan menggunakan ISO 31000 diharapkan dapat meminimalisir risiko yang terdapat pada aplikasi SmartConsole. Hasil dari analisis risiko ini berupa analisis kemungkinan risiko, mengelompokkan kemungkinan – kemungkinan risiko berdasarkan dampak nya sehingga menghasilkan usulan tindakan risiko terhadap kemungkinan risiko yang terdapat pada aplikasi SmartConsole, dengan begitu toko tersebut dapat memperlakukan kemungkinan risiko yang ada sesuai dengan prioritas level risikonya dan dapat mencegah serta meminimalisir sehinga tidak mengganggu aktivitas bisnis.


2021 ◽  
Vol 8 (3) ◽  
pp. 635
Author(s):  
Dio Febrilian Tanjung ◽  
Aulia Oktaviana ◽  
Aris Puji Widodo

<p>Perkembangan <em>startup </em>berbasis teknologi informasi (TI) semakin meningkat dewasa ini. Sebagai penunjang keberhasilan bisnis perusahaan, TI memiliki risiko yang timbul di berbagai keadaan terutama di era pandemi COVID-19. Salah satu alternatif yang dapat dimanfaatkan untuk mengelola dan menjamin usaha yang lebih kondusif dan kredibel yaitu manajemen risiko yang tepat. Hal ini karena manejemen risiko menjadi hal yang penting pada bisnis dalam meningkatkan keuntungan dan mempertahankan kontinuitas bisnis, terutama dalam kondisi pandemi COVID-19. Pembahasan manajemen risiko TI secara umum sudah cukup banyak, namun penelitian manajemen risiko dalam menghadapi masa pandemi perlu dipertimbangkan. Hal ini dikarenakan pada masa pandemi ini, TI menjadi salah satu kunci agar bisnis dapat bertahan dan memenangkan kompetisi. Selain itu, pandemi COVID-19 termasuk dalam kasus luar biasa yang belum pernah terjadi dalam kurun waktu ratusan tahun, sehingga secara teknis risiko dari pandemi ini termasuk dalam risiko yang tidak terpikirkan sebelumnya oleh perusahaan. Tujuan penelitian ini untuk mengidentifikasi kondisi implementasi manajamen dan ancaman risiko terhadap proses bisnis pada sebuah perusahaan <em>startup </em>terutama di masa pandemi. Penelitian ini menggunakan metode kualitatif dengan mengacu pada COBIT® 2019 fokus domain DSS04 <em>Manage Continuity </em>dengan melakukan observasi awal terhadap kondisi perusahaan dan wawancara terhadap pemangku kepentingan perusahaan. Hasil penelitian menunjukkan bahwa perusahaan telah melakukan penyesuaian terhadap kebutuhan bisnis selama masa pandemi COVID-19 untuk memastikan keberlangsungan bisnis. Namun dalam pelaksanaannya belum ada pengukuran <em>risk management</em> untuk mengontrol apakah manajemen risiko yang dijalankan sudah tepat, sehingga diperlukan penerapan COBIT® 2019 dalam tata kelola bisnis perusahaan.</p><p> </p><p><em><strong>Abstract</strong></em></p><p><em>The development of information technology (IT) based startups is increasing nowadays. To support the company's business success, IT has risks arising from various circumstances, especially in the era of the COVID-19 pandemic. One alternative that can be used to manage and ensure a conducive and credible business is proper risk management. This is because risk management is important for businesses in increasing profits and maintaining business continuity, especially in the conditions of the COVID-19 pandemic. There is a lot of discussion about IT risk management in general, but research on risk management in dealing with the pandemic needs to be considered. This is because during this pandemic, IT is one of the keys for businesses to survive and win the competition. In addition, the COVID-19 pandemic is included in an extraordinary case that has not occurred in hundreds of years, so that technically the risks from this pandemic are included in risks that were not thought of before by the company. The purpose of this study is to identify the conditions of management implementation and risk threats to business processes at a company startup, especially during the pandemic. This study uses a qualitative method with reference to COBIT® 2019 focused on the DSS04 Manage Continuity domain by conducting initial observations of the company's condition and interviews with company stakeholders. The results show that the company has made adjustments to business needs during the COVID-19 pandemic to ensure business continuity. However, in practice there is no risk management measurement to control whether the risk management is carried out properly, so it is necessary to implement COBIT® 2019 in corporate business governance.</em></p><p><em><strong><br /></strong></em></p>


Sign in / Sign up

Export Citation Format

Share Document