Ilham, Kahfin (2025) Pembuatan Dokumen Perencanaan Manajemen Risiko Teknologi Informasi Pada Perusahaan Pemeliharaan Pesawat Terbang Menggunakan Iso 31000:2018 Dan Cobit 2019. Other thesis, Institut Teknologi Sepuluh Nopember.
![[thumbnail of 5026211165-Undergraduate_Thesis.pdf]](http://repository.its.ac.id/style/images/fileicons/text.png) |
Text
5026211165-Undergraduate_Thesis.pdf - Accepted Version Restricted to Repository staff only Download (5MB) | Request a copy |
Abstract
Perusahaan pemeliharaan pesawat terbang sangat bergantung pada teknologi informasi (TI) dalam mendukung operasionalnya. Namun, belum adanya manajemen risiko TI yang terstruktur menimbulkan potensi gangguan terhadap keberlangsungan layanan. Penelitian ini bertujuan untuk mengidentifikasi dan mengelola risiko TI dengan menggunakan framework ISO 31000:2018 dan COBIT 2019, serta mengacu pada panduan SK-6/DKU.MBU/10/2023. Fokus diarahkan pada risk scenario dalam tiga risk category COBIT 2019, yaitu hardware incidents, software failures, dan logical attacks. Metode yang digunakan mencakup penilaian dan penanganan risiko, dengan pengumpulan data melalui wawancara kepada pihak-pihak yang relevan. Hasil penelitian memberikan pemahaman mengenai 24 risk scenario, termasuk penyebab dan dampaknya terhadap operasional perusahaan. Selain itu, dihasilkan urutan tingkat risiko berdasarkan nilai dampak dan kemungkinan terjadinya. Risk scenario dengan nilai risiko tertinggi adalah “Serangan malware” dan “Data perusahaan dicuri melalui akses tidak sah yang diperoleh melalui serangan phishing”, masing-masing dengan nilai risiko sebesar 25 dengan level high. Informasi ini digunakan untuk menentukan prioritas serta menyusun rencana penanganan risiko, agar level risiko dapat diturunkan hingga mencapai risiko appetite perusahaan, yaitu sebesar 11 dengan level low to moderate.
========================================================================================================================================
Aircraft maintenance companies rely heavily on information technology (IT) to support their operations. However, the absence of a structured IT risk management process poses potential threats to service continuity. This study aims to identify and manage IT risks by applying the ISO 31000:2018 and COBIT 2019 frameworks and referring to the SK 6/DKU.MBU/10/2023 guideline. The focus is directed toward risk scenarios within three COBIT 2019 risk categories: hardware incidents, software failures, and logical attacks. The methodology includes risk assessment and treatment processes, with data collected through interviews with relevant stakeholders. The results of this study provide insights into 24 risk scenarios, including their causes and impacts on the company’s operations. Furthermore, the study produces a ranking of risk levels based on the evaluation of impact and likelihood values. The highest-risk scenarios identified are "Malware attacks" and "Company data stolen through unauthorized access gained via phishing attacks," each with a risk value of 25 and categorized as high. This information is used to establish risk treatment priorities and develop appropriate response plans, with the goal of reducing each risk scenario to a level acceptable to the company, in accordance with its defined risk appetite of 11, categorized as low to moderate.
| Item Type: | Thesis (Other) |
|---|---|
| Uncontrolled Keywords: | manajemen risiko TI, ISO 31000:2018, COBIT 2019, SK-6/DKU.MBU/10/2023, risk scenario, pemeliharaan pesawat, IT risk management, ISO 31000:2018, COBIT 2019, SK-6/DKU.MBU/10/2023, aircraft maintenance |
| Subjects: | T Technology > T Technology (General) > T58.6 Management information systems |
| Divisions: | Faculty of Intelligent Electrical and Informatics Technology (ELECTICS) > Information System > 57201-(S1) Undergraduate Thesis |
| Depositing User: | Kahfin Ilham |
| Date Deposited: | 21 Jul 2025 03:38 |
| Last Modified: | 21 Jul 2025 03:38 |
| URI: | http://repository.its.ac.id/id/eprint/120193 |
Actions (login required)
 |
View Item |