RISK ASSESMENT PENGENDALIAN KEAMANAN INFORMASI BERBASIS ISO/IEC 27001:2013 MENGGUNAKAN METODE FAILURE MODE AND EFFECTS ANALYSIS (FMEA) STUDI KASUS: TIM BRINESIA PT. BRI ASURANSI INDONESIA

Penulis

  • Winni Indah Kurnia Sari Ilmu Komputer, Sistem Informasi, Universitas Mercu Buana
  • Syakur Khoiri Ilmu Komputer, Sistem Informasi, Universitas Mercu Buana
  • Fajar Masya Universitas Mercu Buana

Abstrak

Implementasi teknologi informasi tidak lepas dari risiko (Information Technology Risk) yang dapat berdampak pada pencapaian tujuan organisasi. Mengingat keterkaitannya yang tinggi dengan kemajuan teknologi, tim BRINESIA memiliki kewajiban untuk menjadi unit yang memerlukan perlindungan keamanan informasi guna menjaga kualitas keamanan data, termasuk aset-aset yang dimiliki. Untuk meminimalkan kemungkinan terjadinya kebocoran data, kerusakan, ketidakakuratan, ketidaktersediaan, atau gangguan lain terhadap informasi, penting untuk melakukan penilaian terhadap risiko. Terdapat berbagai metode yang dapat digunakan untuk menganalisis kemungkinan terjadinya kegagalan atau risiko. Salah satu metode yang banyak digunakan adalah FMEA (Failure Mode & Effect Analysis), yang merupakan pendekatan terstruktur untuk mendeteksi dan memberi peringkat pada mode kegagalan dengan cara menilai severity, occurrence, dan detection, sehingga menghasilkan Risk Priority Number (RPN). Metode ini juga memberikan saran untuk mitigasi risiko sesuai dengan standar ISO/IEC 27001:2013. Penelitian ini mengidentifikasi level potensi mode failure mode pada informasi yang diurus oleh tim BRINESIA, menentukan prioritas risiko, serta menyediakan pedoman mitigasi risiko yang bermanfaat bagi tim BRINESIA dalam menerapkan kontrol keamanan informasi.Kata Kunci: FMEA (Failure Mode & Effect Analysis), Risk Priority Number, ISO/IEC 27001:2013, mitigasi risiko.

Referensi

FITRIANI, L.D. 2022. Risk Assessment And Development Of Access Control Information Security Governance Based On ISO/IEC 27001:2013 At XYZ University. Jurnal Teknik Informatika dan Sistem Informasi Hal. 891-907.

BAKRI, M., IRMAYANA, N., 2017. Analisis Dan Penerapan Sistem Manajemen Keamanan Informasi SIMHP BPKP Menggunakan Standar ISO 27001. Jurnal TEKNOKOMPAK, Vol. 11 Hal 41-44 .

WIJAYA, Y.D., 2021. Evaluasi Keamanan Sistem Informasi Pasdeal Berdasarkan Indeks Keamanan Informasi (KAMI) ISO/IEC 27001:2013. Jurnal Sistem Informasi dan Informatika (SIMIKA), Vol 4 No 2.

SASRTIKA, I.F., BISMA, R., 2021. Perancangan Sistem Informasi Manajemen Risiko berdasarkan ISO 27001:2013 (Sistem Manajemen Keamanan Informasi). JEISBI: Volume 02 Number 03.

INDRASARI, A., WAHYUDI, A.T. 2018. Analisis Manajemen Resiko berbasis ISO 9001:2015 dan ISO 31010:2009 pada Pelayanan Sistem Informasi Akademik “EduManage” di Universitas Setia Budi. Jurnal Ilmiah Teknik Industri dan Informasi, Hal. 47.

PRAMONO, P.P., FAHRIANTO, F., 2019.

`Pendeteksian Dini Tingkat Kemanan Informasi Berbasis ISO 27001:2013 Menggunakan Metode AHP (Analytical Hierarchy Process). CyberSecurity dan Forensik Digital Vol. 2, No. 2 hlm. 57-64.

WOWOR, N.E., SENTINUWO, S.R., dkk.,

Analisa Keamanan Informasi Pemerintah Kota Manado Menggunakan Indeks KAMI. Jurnal Teknik Informatika Vol 13, No.4.

HANDAYANI, N.U., WIBOWO.M.A., SARI, D.P.,

dkk., 2018. Penilaian Risiko Sistem Informasi Fakultas Teknik Universitas Diponegoro Menggunakan Metode Failure Mode Effect And Analysis Berbasis Framework ISO 27001. TEKNIK, 39 (2), hal. 78-85.

PANJAITAN, B., ABDURRAHMAN, L., MULYANA, R. 2021. Pengembangan Implementasi Sistem Manajemen Keamanan Informasi Berbasis ISO 27001:2013 Menggunakan Kontrol Annex : Studi Kasus Data Center PT. XYZ. e- Proceeding of Engineering : Vol.8, No.2, Page 2813.

SURYANA, D.Y., VINOLIA., IBRAHIM.A. 2017. Evaluasi Celah Keamanan Sistem Webserver Dengan Metode Failure Mode And Effects Analysis (Studi Kasus: Tiket.com). Computer Science and ICT Vol. 3 No. 1.

RAMAYANI, Y., OKTARINA, T. 2022. Analisa Manajemen Resiko Keamanan Pada Sistem Informasi Akademik (Simak) Uin Raden Fatah Palembang Menggunakan Metode Failure Mode And Effect Analysis (FMEA). JURNAL INOVTEK POLBENG - SERI INFORMATIKA, VOL. 7, NO. 2.

##submission.downloads##

Diterbitkan

2025-08-21

Terbitan

Vol 15 No 3 (2025): Volume 15 No 3, Mei Tahun 2025

Bagian

Articles

Lisensi

Authors who publish with this journal agree to the following terms:

 

  1. Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
  2. Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
  3. Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (See The Effect of Open Access).

 

License Grant. Subject to the terms and conditions of this License, Licensor hereby grants You a worldwide, royalty-free, non-exclusive, perpetual (for the duration of the applicable copyright) license to exercise the rights in the Work as stated below:

  1. to Reproduce the Work, to incorporate the Work into one or more Collections, and to Reproduce the Work as incorporated in the Collections;
  2. to create and Reproduce Adaptations provided that any such Adaptation, including any translation in any medium, takes reasonable steps to clearly label, demarcate or otherwise identify that changes were made to the original Work. For example, a translation could be marked "The original work was translated from English to Spanish," or a modification could indicate "The original work has been modified.";
  3. to Distribute and Publicly Perform the Work including as incorporated in Collections; and,
  4. to Distribute and Publicly Perform Adaptations.
  5. For the avoidance of doubt:i. Non-waivable Compulsory License Schemes. In those jurisdictions in which the right to collect royalties through any statutory or compulsory licensing scheme cannot be waived, the Licensor reserves the exclusive right to collect such royalties for any exercise by You of the rights granted under this License;ii. Waivable Compulsory License Schemes. In those jurisdictions in which the right to collect royalties through any statutory or compulsory licensing scheme can be waived, the Licensor waives the exclusive right to collect such royalties for any exercise by You of the rights granted under this License; and,iii. Voluntary License Schemes. The Licensor waives the right to collect royalties, whether individually or, in the event that the Licensor is a member of a collecting society that administers voluntary licensing schemes, via that society, from any exercise by You of the rights granted under this License.

The above rights may be exercised in all media and formats whether now known or hereafter devised. The above rights include the right to make such modifications as are technically necessary to exercise the rights in other media and formats. Subject to Section 8(f), all rights not expressly granted by Licensor are hereby reserved.

Restrictions. The license granted in Section 3 above is expressly made subject to and limited by the following restrictions:

  1. You may Distribute or Publicly Perform the Work only under the terms of this License. You must include a copy of, or the Uniform Resource Identifier (URI) for, this License with every copy of the Work You Distribute or Publicly Perform. You may not offer or impose any terms on the Work that restrict the terms of this License or the ability of the recipient of the Work to exercise the rights granted to that recipient under the terms of the License. You may not sublicense the Work. You must keep intact all notices that refer to this License and to the disclaimer of warranties with every copy of the Work You Distribute or Publicly Perform. When You Distribute or Publicly Perform the Work, You may not impose any effective technological measures on the Work that restrict the ability of a recipient of the Work from You to exercise the rights granted to that recipient under the terms of the License. This Section 4(a) applies to the Work as incorporated in a Collection, but this does not require the Collection apart from the Work itself to be made subject to the terms of this License. If You create a Collection, upon notice from any Licensor You must, to the extent practicable, remove from the Collection any credit as required by Section 4(b), as requested. If You create an Adaptation, upon notice from any Licensor You must, to the extent practicable, remove from the Adaptation any credit as required by Section 4(b), as requested.
  2. If You Distribute, or Publicly Perform the Work or any Adaptations or Collections, You must, unless a request has been made pursuant to Section 4(a), keep intact all copyright notices for the Work and provide, reasonable to the medium or means You are utilizing: (i) the name of the Original Author (or pseudonym, if applicable) if supplied, and/or if the Original Author and/or Licensor designate another party or parties (e.g., a sponsor institute, publishing entity, journal) for attribution ("Attribution Parties") in Licensor's copyright notice, terms of service or by other reasonable means, the name of such party or parties; (ii) the title of the Work if supplied; (iii) to the extent reasonably practicable, the URI, if any, that Licensor specifies to be associated with the Work, unless such URI does not refer to the copyright notice or licensing information for the Work; and (iv) , consistent with Section 3(b), in the case of an Adaptation, a credit identifying the use of the Work in the Adaptation (e.g., "French translation of the Work by Original Author," or "Screenplay based on original Work by Original Author"). The credit required by this Section 4 (b) may be implemented in any reasonable manner; provided, however, that in the case of a Adaptation or Collection, at a minimum such credit will appear, if a credit for all contributing authors of the Adaptation or Collection appears, then as part of these credits and in a manner at least as prominent as the credits for the other contributing authors. For the avoidance of doubt, You may only use the credit required by this Section for the purpose of attribution in the manner set out above and, by exercising Your rights under this License, You may not implicitly or explicitly assert or imply any connection with, sponsorship or endorsement by the Original Author, Licensor and/or Attribution Parties, as appropriate, of You or Your use of the Work, without the separate, express prior written permission of the Original Author, Licensor and/or Attribution Parties.
  3. Except as otherwise agreed in writing by the Licensor or as may be otherwise permitted by applicable law, if You Reproduce, Distribute or Publicly Perform the Work either by itself or as part of any Adaptations or Collections, You must not distort, mutilate, modify or take other derogatory action in relation to the Work which would be prejudicial to the Original Author's honor or reputation. Licensor agrees that in those jurisdictions (e.g. Japan), in which any exercise of the right granted in Section 3(b) of this License (the right to make Adaptations) would be deemed to be a distortion, mutilation, modification or other derogatory action prejudicial to the Original Author's honor and reputation, the Licensor will waive or not assert, as appropriate, this Section, to the fullest extent permitted by the applicable national law, to enable You to reasonably exercise Your right under Section 3(b) of this License (right to make Adaptations) but not otherwise.

Representations, Warranties and Disclaimer

UNLESS OTHERWISE MUTUALLY AGREED TO BY THE PARTIES IN WRITING, LICENSOR OFFERS THE WORK AS-IS AND MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND CONCERNING THE WORK, EXPRESS, IMPLIED, STATUTORY OR OTHERWISE, INCLUDING, WITHOUT LIMITATION, WARRANTIES OF TITLE, MERCHANTIBILITY, FITNESS FOR A PARTICULAR PURPOSE, NONINFRINGEMENT, OR THE ABSENCE OF LATENT OR OTHER DEFECTS, ACCURACY, OR THE PRESENCE OF ABSENCE OF ERRORS, WHETHER OR NOT DISCOVERABLE. SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION OF IMPLIED WARRANTIES, SO SUCH EXCLUSION MAY NOT APPLY TO YOU.

Limitation on Liability. EXCEPT TO THE EXTENT REQUIRED BY APPLICABLE LAW, IN NO EVENT WILL LICENSOR BE LIABLE TO YOU ON ANY LEGAL THEORY FOR ANY SPECIAL, INCIDENTAL, CONSEQUENTIAL, PUNITIVE OR EXEMPLARY DAMAGES ARISING OUT OF THIS LICENSE OR THE USE OF THE WORK, EVEN IF LICENSOR HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

Termination

  1. This License and the rights granted hereunder will terminate automatically upon any breach by You of the terms of this License. Individuals or entities who have received Adaptations or Collections from You under this License, however, will not have their licenses terminated provided such individuals or entities remain in full compliance with those licenses. Sections 1, 2, 5, 6, 7, and 8 will survive any termination of this License.
  2. Subject to the above terms and conditions, the license granted here is perpetual (for the duration of the applicable copyright in the Work). Notwithstanding the above, Licensor reserves the right to release the Work under different license terms or to stop distributing the Work at any time; provided, however that any such election will not serve to withdraw this License (or any other license that has been, or is required to be, granted under the terms of this License), and this License will continue in full force and effect unless terminated as stated above.

Miscellaneous

  1. Each time You Distribute or Publicly Perform the Work or a Collection, the Licensor offers to the recipient a license to the Work on the same terms and conditions as the license granted to You under this License.
  2. Each time You Distribute or Publicly Perform an Adaptation, Licensor offers to the recipient a license to the original Work on the same terms and conditions as the license granted to You under this License.
  3. If any provision of this License is invalid or unenforceable under applicable law, it shall not affect the validity or enforceability of the remainder of the terms of this License, and without further action by the parties to this agreement, such provision shall be reformed to the minimum extent necessary to make such provision valid and enforceable.
  4. No term or provision of this License shall be deemed waived and no breach consented to unless such waiver or consent shall be in writing and signed by the party to be charged with such waiver or consent.
  5. This License constitutes the entire agreement between the parties with respect to the Work licensed here. There are no understandings, agreements or representations with respect to the Work not specified here. Licensor shall not be bound by any additional provisions that may appear in any communication from You. This License may not be modified without the mutual written agreement of the Licensor and You.
  6. The rights granted under, and the subject matter referenced, in this License were drafted utilizing the terminology of the Berne Convention for the Protection of Literary and Artistic Works (as amended on September 28, 1979), the Rome Convention of 1961, the WIPO Copyright Treaty of 1996, the WIPO Performances and Phonograms Treaty of 1996 and the Universal Copyright Convention (as revised on July 24, 1971). These rights and subject matter take effect in the relevant jurisdiction in which the License terms are sought to be enforced according to the corresponding provisions of the implementation of those treaty provisions in the applicable national law. If the standard suite of rights granted under applicable copyright law includes additional rights not granted under this License, such additional rights are deemed to be included in the License; this License is not intended to restrict the license of any rights under applicable law.