Manajemen Risiko Teknologi Informasi Menggunakan Framework COBIT 5 Pada Unit Kerja Information And Communication Technology (ICT) Universitas Hayam Wuruk Perbanas Surabaya

Latifah, Nasywa Iqnatia (2026) Manajemen Risiko Teknologi Informasi Menggunakan Framework COBIT 5 Pada Unit Kerja Information And Communication Technology (ICT) Universitas Hayam Wuruk Perbanas Surabaya. Undergraduate thesis, Universitas Hayam Wuruk Perbanas.

[img] Text
ARTIKEL ILMIAH.pdf
Restricted to Registered users only
Download (558kB)
[img] Text
COVER.pdf
Restricted to Registered users only
Download (765kB)
[img]
Preview
 Text
BAB I.pdf
Download (251kB) | Preview
[img]
Preview
 Text
BAB II.pdf
Download (387kB) | Preview
[img] Text
BAB III.pdf
Restricted to Registered users only
Download (367kB)
[img] Text
BAB IV.pdf
Restricted to Registered users only
Download (455kB)
[img]
Preview
 Text
BAB V.pdf
Download (214kB) | Preview
[img] Text
LAMPIRAN.pdf
Restricted to Registered users only
Download (1MB)

Abstract

Manajemen Risiko Teknologi Informasi Menggunakan Framework COBIT 5 Pada Unit Kerja Information And Communication Technology (ICT) Universitas Hayam Wuruk Perbanas Surabaya Information technology (IT) risk management is an important aspect in ensuring the reliability and continuity of information system services within higher education institutions. The Information and Communication Technology (ICT) unit at Universitas Hayam Wuruk Perbanas Surabaya plays a strategic role in managing IT infrastructure and services that support academic and administrative activities. This study aims to analyze the capability level of IT risk management and provide improvement recommendations based on the COBIT 5 framework, particularly in the APO12 (Manage Risk) and EDM03 (Ensure Risk Optimization) domains. This research uses a qualitative approach with data collection techniques including observation, interviews, and questionnaires based on the COBIT Process Assessment Model (PAM). The results show that the APO12 domain is at Capability Level 2 (Managed Process), while the EDM03 domain is at Capability Level 1 (Performed Process). These findings indicate that IT risk management processes have been implemented, but they are not yet fully standardized and documented optimally. This study provides recommendations in the form of developing a risk register using the Failure Mode and Effect Analysis (FMEA) method and proposing risk mitigation strategies that include technical, procedural, and policy aspects. The implementation of these recommendations is expected to improve the capability of IT risk management in the ICT unit in a sustainable manner. Keywords: COBIT 5, IT Risk Management, APO12, EDM03, Risk Register, FMEA.

Item Type: Thesis (Undergraduate)
Subjects: 600 - TECHNOLOGY > 650 - 659 MANAGEMENT & PUBLIC RELATIONS > 658 - GENERAL MANAGEMENT > 658.403 8 - MANAGEMENT INFORMATION SYSTEM
Divisions: Bachelor of Information Systems
Depositing User: NASYWA IQNATIA LATIFAH
Date Deposited: 08 Apr 2026 04:05
Last Modified: 08 Apr 2026 04:05
URI: http://eprints.perbanas.ac.id/id/eprint/14093

Actions (login required)

View Item View Item