Manajemen Risiko Teknologi Informasi pada e-Government: Ulasan Literatur Sistematis (Information Technology Risk Management on e-Government: Systematic Literature Review)
Abstract
Risk management serves as the basis for planning and decision-making by leadership, optimizes the use of available resources, and minimizes the occurrence of risks that could harm the organization. Implementing risk management in e-government serves to minimize risks and to reduce negative impacts on e-government implementation. This study conducts a systematic literature review of standards-compliant information technology risk management implementation in e-government. From content and descriptive analysis of the literature, it is concluded that the implementation of risk management in non-profit (government) organizations is influenced by information technology resource planning, management, policy and regulation, and organizational performance. The risk management process in e-government adopts several standards issued by the International Standard Organization (ISO), and its implementation can be integrated according to the organization's conditions and needs.
- The article and any associated published material are distributed under the Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License. The public is allowed to Share (copy and redistribute the material in any medium or format) and Adapt (remix, transform, and build upon the material) this journal article's content.