12 research outputs found
Analisa Risiko Pada Bidang Software Acquisition,Implementation,Maintenance PT. Z
Full text linkPT.Z is a printing company based in Sidoarjo. PT.Z handle various customers both domestic and abroad. Information technology has been used to support nearly in all processes in PT.Z, but they has never done a risk analysis before so that the company do not know anything about IT risks that can occur. Therefore, it takes a risk analysis so that the company can determine what risks may occur and how to respond to those risks.In this thesis, risk assessment performed in the process of software acquisition, implementation, and maintenance. The steps used in performing the risk assessment are measuring the level of maturity of the IT using the Capability Maturity Model Integration (CMMI), then perform mapping of CMMI to COBIT 4.1, and using the OWASP Risk Rating Methodology as a guide in the calculation of risk. Some of these risk factors include the lack of monitoring process based on clear value of metrics, no identification of IT processes that have great impact on the company\u27s business process, there is no verification of value in the result of monitoring data collection
Analisa Risiko Pengelolaan Data, Keamanan Sistem, Dan Pengelolaan Vendor TI Di PT. X
Full text linkProcurement Department in PT. X is a department from a manufacturing company based in Surabaya, it provides needs of all departments in PT. X. Information Technology in Procurement is completely utilized to support the company\u27s business activities and processes. However, this company has not done any risk assessment, that might causing the company does not know what impact that might occur that can choke Procurement\u27s performance. Therefore, a risk assessment is required to analyze the risk factors that could interfere Procurement\u27s business processes and provide a response to the most critical risks.This research is about to assess risks that might have happened in Information Technology and Procurement\u27s business processes. The steps in this risk assessment are using COBIT 4.1 standard to define the processes in the analysis, ISO 31000 as a framework in risk assessment steps, and Risk Rating Methodology OWASP as a reference for valuation and risk calculations. Based on the interview that has done, 14 risk factors have been found in PT. X Procurement. Some of them are data contracts is not stored in a database system, no written agreement regarding to devoted vendor PIC to handle related project, company does not have any contingency plan if there is a problem in the manufacture of goods/services by the vendor, Procurement has not performed IT risk assessment yet, so there is no analysis of the events might occur, no special documentation such as risk recording of each vendor, no uniformity of vendors progress report format so their points of information might not delivered completely, and no requirement for vendors to provide vendor reporting progress.The proposed response to the company are company should copy the contract and scan then store it into the system, identify and document the individuals involved in the project, providing a contingency plan in case either party to cancel the contract before the end of the contract period, make IT risk assessment, taking notes or special documentation related risk will each vendor, make format report for vendor reporting progress, and regularly schedule communication between Procurement and vendors to discuss the vendor progress
IT Risk Assessment Di Perpustakaan Universitas Kristen Petra
Full text linkUniversitas Kristen Petra memiliki unit organisasi yakni Perpustakaan yang menyediakan layanan koleksi. Sistem di Perpustakaan dikerjakan dengan memanfaatkan layanan IT (otomasi), dengan tujuan mempermudah proses pemberian layanan informasi pencarian koleksi dan peminjaman. Permasalahan yang terjadi pada layanan IT yang pernah dihadapi adalah seperti downserver, Unit Power Supply yang rusak dan terjadinya inkonsistensi data. Hal ini dapat menghambat kinerja layanan Perpustakaan seperti peminjaman dan pengembalian koleksi, pencarian koleksi di website, juga layanan pencarian informasi seperti referensi. Untuk itu dibutuhkan suatu analisa risiko, yang bertujuan menganalisa faktor-faktor risiko apa saja yang mengganggu proses bisnis Perusahaan dan meberikan respon terhadap risiko yang paling kritikal.Pada penelitian ini, dilakukan proses risk assessment terhadap layanan IT yang dimanfaatkan dalam layanan bisnis Perpustakaan dan dibuatlah analisa berdasarkan pemahaman terhadap model dan strategi bisnis, penjabaran IT Audit Universe dan IT Domain, Contro Objectivel, serta penilaian terhadap faktor-faktor risiko IT yang ditemukan. Proses analisa risiko dilakukan dengan memanfaatkan metode berdasarkan Global Technology Audit Guidelines (GTAG) : Developing IT, COBIT 4.1, OWASP Risk Rating Methodology.Berdasarkan pengujian, ditemukan faktor-faktor risiko IT yang ada di Perpustakaan. Beberapa faktor-faktor risiko tersebut antara lain belum ada strategi dan perencanaan IT yang jelas untuk masa mendatang, media backup belum pernah diuji, dievaluasi ataupun di-refresh, tidak ada prosedur backup secara khusus
IT Risk Assessment Di PT. X
Full text linkPT. X merupakan suatu Perusahaan yang bergerak dibidang food industry. Dalam menjalankan proses bisnisnya, Perusahaan ini menggunakan software, hardware, jaringan, dan lain-lain. Tetapi software yang digunakan belum bisa mengintegrasikan semua proses bisnis dalam Perusahaan. Melihat situasi dan kondisi dari PT. X, tidak menutup kemungkinan terjadinya resiko akibat masalah-masalah seperti data security, data integrity, kerusakan hard disk, kesenimbangunan proses bisnis IT dan lain- lain.Pada skripsi ini dilakukan analisa resiko terhadap seluruh area IT dan proses bisnis yang ada di PT. X. Area-area yang akan dianalisa tersebut didapatkan dengan cara memetakan COBIT 4.1 ke dalam IT domain. Analisa resiko dilakukan dengan menerapkan tiga langkah-langkah dalam metode Global Technology Audit Guide.Adapun resiko-resiko yang ditemukan adalah adanya ketergantungan terhadap outsource programmer yang berperan sebagai konsultan IT, tidak pernah dilakukan Risk Assessment dalam bidang IT di Perusahaan, tidak ada Disaster Recovery Plan dan IT Security Plan, tidak ada evaluasi terhadap hak akses, tidak ada orang khusus yang ditunjuk untuk mengelola IT, tidak adanya training atau zona aman terkait keamanan dan insiden dalam Perusahaan, dan tidak adanya standar, framework, atau SOP untuk teknologi, sistem IT dan proses yang cocok menggunakan IT. Hasil analisa resiko ini membantu Perusahaan menyadari resiko-resiko apa yang mungkin terjadi dan dapat membahayakan kelangsungan bisnis Perusahaan sehingga Perusahaan dapat mengambil tindakan untuk mencegah atau menangani resiko tersebut
Audit Sistem Informasi Perpustakaan Universitas Kristen Petra Berdasarkan Standar Control Objectives for Information and Related Technology (Cobit 4.0)
Full text linkPerpustakaan Universitas Kristen Petra yang berperan sebagai pusat layanan informasi bagi sivitas akademika tidak dapat lepas dari pengaruh teknologi informasi (TI). Untuk memastikan kelangsungan pelayanan informasi maka dibutuhkan sistem keamanan, pengelolaan data, pengelolaan masalah, dan pengelolaan lingkungan fisik yang memadai baik dari segi hardware maupun software. Ketergantungan ini mengakibatkan TI menjadi titik yang paling rawan dalam memastikan kelangsungan pelayanan informasi di perpustakaan. Dalam memastikan sejauh mana dukungan TI terhadap proses bisnis perpustakaan maka perlu diketahui seberapa baikkah kualitas layanan TI. Untuk mengukur kualitas layanan TI di perpustakaan dibutuhkan suatu proses audit.Pada penelitian ini, dilakukan proses audit operasional untuk mengumpulkan data guna menunjang penilaian audit. Pedoman yang digunakan dalam mengukur aspek – aspek tingkat kedewasaan TI ialah COBIT 4.0 pada bagian delivery and support 4, 5, 10, 11, dan 12 yang terdiri dari pemastian kelangsungan layanan TI, pengelolaan sistem keamanan, pengelolaan masalah, pengelolaan data, dan pengelolaan lingkungan fisik di perpustakaan.Penelitian ini menghasilkan temuan dan nilai tingkat kematangan TI di perpustakaan. Proses audit membantu perpustakaan dalam mengevaluasi kinerja layanan TI dan memberi masukan untuk perbaikan
Pesantren dan Millennial Behaviour: Tantangan Pendidikan Pesantren dalam Membina Karakter Santri Milenial
Get PDFThis study to determine the challenges of boarding school education in fostering the character of millennial santri at Al-Amanah Islamic Boarding School, which is a boarding school that educates and fosters the character of students. This research uses qualitative research with a type of case study. The informants in this study were the boarding school caretakers, namely the kyai, the ustadz / ustadzah and students in the boarding school environment. The results of the research regarding the challenges that must be faced by students are as follows: first, cultural differentiation. One way of communicating is that the culture and personality of the students are different. Second, the uswah factor. Exemplary and role models for students in Islamic boarding schools. Third. Impact technology. Be aware of advances in technology and information for students so that they are not left behind. Fourth. Double Personality
Analisa Risiko Teknologi Informasi Di Divisi Produksi PT. X
Full text linkPT. X is a tobacco company. In order to support its business processes, this company uses software, hardware, network and machines for production process. However, this company is lack of monitoring of IT tools so that when problems occur, the problem solving can be delayed, and it has no plans if disaster might happen.This thesis assess IT risks and company's business processes. This assessment uses COBIT 4.1 standard, ISO 31000, and for the calculation used Risk Rating Methodology OWASP. Risks that have Critical-High scale are no Disaster Recovery Plan, backup result is stored in the same room with the main server, no monitoring in data backing up, data backup is just done in onsite technique, no backup data recording.The responses to the company's risk factors are that company should make DRP so that when any disaster occurs, company's important data is not lost, backup storage should located, at different place than main server, company should backup process, and backup should be done by offsite technique, so when any data is lost, it can be easily restored
