Data Centre Risk Analysis Using ISO 31000:2009 Framework

Abstract

Abstract Advances in information technology in the world make almost all companies depend on technology, one of which is the use of data centers. The data center is used as a data processing tool to present precise and accurate information for the company. Speed and accuracy in making decisions require data and information to be presented accurately as well. The increase in the number of applications and communication information technology services at pharmaceutical companies has resulted in a higher risk of application from data centers that need to pay attention to the risk of digital threats (data theft) to physical threats (fire). Data center risk management analysis needs to be done to avoid disruptions that can hinder business processes. The method used in this research is the ISO 31000: 2009 framework. The output obtained from this research is obtaining risk management documents regarding the risk control process and strategies for existing risk mitigation processes.