Evaluasi Pelaksanaan Manajemen Risiko Teknologi Informasi pada Kantor Arsip Daerah Kota Samarinda dengan Menggunakan The Risk IT Framework

Abstract

Samarinda City Regional Archives Office has implemented a computerized information technology system in achieving its organizational goals. This system has benefits as well as risks which has the potential to cause harm and disruption in the activities to achieve the goals of the institution. In order to know whether an institution has prevented the occurrence of errors to minimize losses or not, it is necessary to evaluate the risk management process of information technology. The framework used in the evaluation of information technology risk management in this study is IT RISK .This study describes the current state of maturity level, then measures the maturity level of information technology risk management condition needed, and formulates a program to improve the IT RISK management maturity of current maturity level towards the expected maturity level in Samarinda City Regional Archives Office.The results obtained from this study demonstrate that some process of information technology risk management implementation at Samarinda City Regional Archives Office has reached its target but in some cases it has not reached the target. This is evidenced by the level of maturity of information technology attributes most of which are in the maturity level of repeatable but intuitive and definedprocess. On the other hand, the maturity level required by Samarinda City Regional Archives Office for Governance Risk, Risk Evaluation and Risk Response domain is defined and the subsequent development is Managed and Measurable. This study has also formulated several programs to improve the conditions of each domain toward the expected maturity of Samarinda City Regional Archives Office.