Sistemasi: Jurnal Sistem Informasi (May 2023)
Implementation of ISO 31000:2018 in Risk Management Activities of Libsys Application Student Interest
Abstract
This study aims to apply ISO 31000:2018 for risk management activities in the Libsys Interests of Students application. CV XYZ, an information technology consultant in Yogyakarta, developed this application. This application detects students' academic interests, so teachers can easily direct students according to their interests. So far, the company has never carried out risk management activities in the system development process, even though this activity plays a role in managing and mitigating risks so that the application can achieve its goals. Risk management activities start from the stages of communication and consultation, establishing context, risk assessment and treatment, and monitoring and review by ISO 31000:2018 standard. The study's results found the effectiveness of the ISO 31000:2018 standard for managing risk in information systems consulting companies. The risk management activity found 17 risk opportunities from the Student Interests Libsys application, with four high-level, eight medium-risk, and five low-level risk opportunities. This study also provides suggestions for handling risks in the Libsys Interests Students application and documents them to help management manage the risks in this application.
