Hasil Pencarian  ::  Simpan CSV :: Kembali

"[Program magang ini bertujuan untuk memahami dan menganalisa penerapan manajemen risiko perusahaan pada PT Pertamina EP serta membandingkannya dengan teori dari Standar ISO 31000 Program magang dilakukan selama tiga bulan di Fungsi Strategic Planning and Risk Management pada bagian Risk Management PT Pertamina EP untuk mengamati dan membantu pelaksanaan proses manajemen risiko perusahaan Perbandingannya dengan teori dari Standar adalah pengadopsian prinsip kerangka kerja untuk mengelola risiko dan proses manajemen risiko yang diusulkan oleh standard tersebut Hasil menunjukkan bahwa perusahaan telah mengadopsi standar ISO 31000 dengan baik dan penerapan proses manajemen risiko disesuaikan dengan proses bisnis dan kebutuhan perusahaan ;The internship program aims to understand and analyze the Implementation of Enterprise Risk Management in PT Pertamina EP and compare it with the theory from ISO 31000 The internship program was conducted over three months in the Strategic Planning and Risk Management Function within the Risk Management Division in PT Pertamina EP while observing and helping the administration enterprise risk management process The comparison with the theory in the standard is the adoption of principles the framework for managing risk and the risk management process proposed by the standard The result shows that the company has adopted the ISO 31000 standard well and the risk management process is developed according to the business process and its needs Key words Enterprise Risk Management ISO 31000 Pertamina EP ;The internship program aims to understand and analyze the Implementation of Enterprise Risk Management in PT Pertamina EP and compare it with the theory from ISO 31000 The internship program was conducted over three months in the Strategic Planning and Risk Management Function within the Risk Management Division in PT Pertamina EP while observing and helping the administration enterprise risk management process The comparison with the theory in the standard is the adoption of principles the framework for managing risk and the risk management process proposed by the standard The result shows that the company has adopted the ISO 31000 standard well and the risk management process is developed according to the business process and its needs Key words Enterprise Risk Management ISO 31000 Pertamina EP ;The internship program aims to understand and analyze the Implementation of Enterprise Risk Management in PT Pertamina EP and compare it with the theory from ISO 31000 The internship program was conducted over three months in the Strategic Planning and Risk Management Function within the Risk Management Division in PT Pertamina EP while observing and helping the administration enterprise risk management process The comparison with the theory in the standard is the adoption of principles the framework for managing risk and the risk management process proposed by the standard The result shows that the company has adopted the ISO 31000 standard well and the risk management process is developed according to the business process and its needs Key words Enterprise Risk Management ISO 31000 Pertamina EP , The internship program aims to understand and analyze the Implementation of Enterprise Risk Management in PT Pertamina EP and compare it with the theory from ISO 31000 The internship program was conducted over three months in the Strategic Planning and Risk Management Function within the Risk Management Division in PT Pertamina EP while observing and helping the administration enterprise risk management process The comparison with the theory in the standard is the adoption of principles the framework for managing risk and the risk management process proposed by the standard The result shows that the company has adopted the ISO 31000 standard well and the risk management process is developed according to the business process and its needs Key words Enterprise Risk Management ISO 31000 Pertamina EP ]"

"Sekretariat Kabinet Republik Indonesia (Setkab) sebagai lembaga pemerintah yang memiliki tanggung jawab dalam pengelolaan manajemen kabinet perlu menerapkan manajemen risiko teknologi informasi secara efektif. Selaras dengan Peraturan Menteri Pendayagunaan Aparatur Negara dan Reformasi Birokrasi (Permenpan RB) nomor 5 tahun 2020 tentang Pedoman Manajemen Risiko Sistem Pemerintahan Berbasis Elektronik (SPBE) perlu memiliki rancangan penanganan risiko teknologi informasi. Namun demikian, Setkab belum melaksanakan manajemen risiko teknologi informasi sehingga risiko terkait teknologi informasi tidak teridentifikasi. Penelitian ini bertujuan untuk menyusun rancangan manajemen risiko teknologi informasi yang sesuai dengan kebutuhan dan konteks Setkab. Metode yang digunakan pada penelitian adalah kualitatif dengan pengumpulan data melalui wawancara, analisis dokumen, dan observasi terhadap risiko teknologi informasi di lingkungan Setkab. Analisis data menggunakan metode analisis tematik. Dalam penyusunan kerangka kerja manajemen risiko teknologi informasi Setkab, standar ISO 31000:2018 akan digunakan sebagai kerangka kerja utama, kemudian akan mengacu pada ISO/IEC 27005:2022 sebagai panduan aktivitas penilaian dan penanganan risiko, dan ISO/IEC 27002:2022 sebagai acuan kontrol keamanan informasi. Penelitian ini menghasilkan 245 skenario risiko, 83 diantaranya perlu dimitigasi dan 162 risiko dapat diterima. Penelitian ini menghasilkan rancangan manajemen risiko yang diharapkan dapat membantu Setkab dalam mengelola risiko teknologi informasi secara sistematis.

---

The Cabinet Secretariat of the Republic of Indonesia (Setkab) as a government institution that is responsible for managing cabinet management needs to implement information technology risk management effectively. In line with the Regulation of the Minister for Empowerment of State Apparatus and Bureaucratic Reform (Permenpan RB) number 5 of 2020 concerning Guidelines for Risk Management for Electronic-Based Government Systems (SPBE), it is necessary to have a design for handling information technology risks. However, Setkab has not yet implemented information technology risk management, so information technology-related risks are not being identified. This study aims to develop a design for information technology risk management that is suitable for the needs and context of Setkab. The method used in the study is qualitative, collecting data through interviews, document analysis, and observation of information technology risks in the Setkab environment. Data analysis uses thematic analysis method. In developing the design for information technology risk management for Setkab, ISO 31000:2018 standard will be used as the main framework, then referring to ISO/IEC 27005:2022, as guidelines for risk assessment and risk treatment activities, and ISO/IEC 27002:2022 as the information security control reference. This research produced 245 risk scenarios, 83 of which needed to be mitigated and 162 risks were acceptable. This research produces a risk management design that is expected to help Setkab manage information technology risks systematically."