Each library collection has an identification number which is unique number for each book. Identification
numbers are used in searching process, and library’s circulation. Identification number is presented by
barcode, and will be coupled with RFID, in order to facilitate collection information searching service,
collection circulation service, and as a function of the collection security. The current barcode system
problem lacks security features, the process of collection finding is very difficult, and the circulation process
takes more time. This problem can result in losses of the library assets, and reduce library user satisfaction.
Therefore, Petra Christian University Library plans to implement the RFID system as the solution of
collection security. The RFID implementation process requires an analysis to be done to assess the risk
factors that affect the library’s business processes and provide a response to those risks. This paper discusses
the risk assessments for the RFID system to be implemented in the library. Risk assessments are based on
the NIST SP800-98 standard Guidelines for Securing Radio Frequency Identification (RFID) System and
NIST SP800-30 Guide for Conducting Risk Assessments. Risk factors are categorized into two, namely
business process risk and risk intelligence process. The results show most of the risk factors are related to
the server system
