Secara Elektronik (OSD PSE), is provided by a unit at National Cyber and Crypto Agency. This is an in-demand service for many sectors that require secure electronic procurement. This study focused on the identification, analysis and risk response of OSD PSE services to obtain an enabler process and key risk indicator by combining the Risk Scenario Risk Scenario COBIT 5 method and NIST SP 800-30 Revision 1. Based on the results of the study obtained 14 enabler processes that were successfully identified, namely APO07.01, APO07.03, APO07.06, DSS01.01, DSS01.04, DSS05.05, DSS06.02, DSS06.03, APO01.06, DSS01.01, DSS05.02, DSS05.06, DSS06.04, dan DSS06.05.  Then 22 key risk indicator related to IT goal and 47 influenced by the process goal.  These two components of risk control are then used as controls in the development of 7 OSD PSE risk mitigation design. Finally, this research produced a draft of the development of risk mitigation designs for: Access rights from prior roles are abused, error in the electronic certificate verification process, failure of the installation and system configuration process, private key compromise, hardware components inaccessible, and immature software (bugs) on the OSD PSE system.