Kendala Manajemen Risiko Teknologi Informasi Pada Kasus Skimming ATM Bank X
Abstract
Abtract. The purpose of this study is to analyze the IT risk management constraints resulting in the appearance of Bank X ATM ATMs to anticipate similar events. The research method used in this study is qualitative with case study approach to deeply explore the constraints faced by Bank X in accordance with best practice RiskIT Framerowk by considering the three domains namely Risk Governance, Risk Evaluation, and Risk Response. The conclusions of this study are that Bank X has implemented IT risk management in accordance with the RIskTI Framework but there are still some weaknesses in governance processes, evaluation processes and the response processes, that are the MR Functional hierarchy and culture risk awareness, alignment of enterprise risk evaluation processes with risk based on audit processes, and constraints on the magnetic strip card migration process.
Keywords. ATM (Authomatic Teller Machine), RiskIT Framework, Risk Management Constraints.
Abstrak. Tujuan penelitian ini adalah menganalisis kendala manajemen risiko TI yang mengakibatkan munculnya kasus skimming ATM Bank X untuk mengantisipasi kejadian serupa tidak terjadi lagi. Metode penelitian yang digunakan dalam penelitian ini adalah kualitatif dengan pendekatan studi kasus untuk menggali secara mendalam kendala yang dihadapi Bank X sesuai dengan best practice RiskIT Framerowk dengan mempertimbangkan ketiga domain yakni Risk Governance, Risk Evaluation, and Risk Response. Kesimpulan dari penelitian ini adalah Bank X telah menerapkan manajemen risiko TI sesuai dengan RIskTI Framework namun masih terdapat beberapa kelemahan pada proses tata kelola, pemanfaatan perangkat manajemen risiko operasional dan tindaklanjut (respon) atas kasus skimming ATM Bank X, yakni pada hierarki Fungsi MR dan budaya risk awareness, keselarasan proses evaluasi risiko perusahaan dengan risk based pada proses audit, dan kendala pada proses migrasi kartu magnetic strip.
Kata Kunci: ATM (Authomatic Teller Machine), Framework RiskIT, Kendala Manajemen Risiko.
Full Text:
PDFReferences
DAFTAR PUSTAKA
Djojosoedarso, Soeisno, 2003. Prinsip-Prinsip Manajemen Risiko dan Asuransi. Edisi Pertama, Jakarta: Salemba Empat.
Ellet, William. 2007. How to Read, Discuss, and Write Persuasively About Cases. Harvard Business School
Bank X. 2019. Quarterly Publication Financial Statement Dec, 31 2019
Fleischmann, Martin dan Svata Vlasta. 2011. IS/IT Risk Management In Banking Industry. Parague: ISSN 0572-3043.
Hidayat, Sofyan. 2018. https://keuangan.kontan.co.id/news/bankx-pastikan-hilangnya-duit-nasabah-di-kediri-akibat-skimming
Ichsan Pamungkas, 2013.”Analisis Faktor- Faktor Yang Mempengaruhi Good Corporate Governance Rating”. Skripsi Fakultas Ekonomi Universitas Diponogoro Semarang.
ISACA. 2009. The Risk IT Framework.USA: Rolling Meadows.
Iskandar, Iwan. 2011. Manajemen Risiko Teknologi Informasi Perusahaan Menggunakan Framework RiskIT (Studi Kasus: Pembobolan PT. Bank Permata, Tbk). Jurnal Sains, Teknologi dan Industri Vol. 9. No. 1, 2011.
Jarrow, Robert A. 2007. Operational Risk. The Journal of Banking and Finance. Q- Group Research Grant: New York.
Librianty, Andina. 2015. https://www.liputan6.com/tekno/read/2302264/mengenal-modus-pembobolan-atm-melalui-teknik-skimming
Moeller, R. Robert. 2011. COSO Enterprise Risk Management Establishing Effective Governance, Risk, and Compliance Processes. Second Edition. Published by John Wiley & Sons, Inc., Hoboken, New Jersey.
POJK Nomor 18 /POJK.03/2016. Penerapan Manajemen Risiko Bagi Bank Umum. 16 Maret 2016.
POJK Nomor 38/ POJK.03/ 2016. Penerapan Manajemen Risiko Dalam Penggunaan Teknologi Infromasi Oleh Bank Umum.
Rotheli, Tobias. 2010. Causes of the financial crisis: Risk misperception, policy mistakes, and banks’ bounded rationality. Germany. The Journal of Socio-Economics
Scandizzo, Sergio. 2005. Risk Mapping and Key Risk Indicators in Operational Risk Management. Economic Notes vol. 34, no. 2-2005, pp. 231–256. Oxford. USA: Blackwell Publishing Ltd
Shauki, ER. 2018. Reasearch Instruments in Case Study and the Role of Researcher. Handout Case Writing and Methodology, ECAM 809303.
Supriyanto, Aji. 2010. Pengantar Teknologi Informasi. Jakarta: Salemba Infotek.
Westerman, George and Richard Hunter. (2007). IT Risk : Turning Business Threats Into Competitive Advantage. Harvard Business School Press.
DOI: https://doi.org/10.17509/jimb.v10i1.16134
Refbacks
View My Stats