Abstract
Abstract
The purpose of this study is to determine the extent to which companies anticipate and reduce information technology risks that will occur, it is necessary to evaluate information technology risk management. The method used in this study was evaluating information technology risk management is the Domain Risk Governance (RG) contained in the IT Risk Framework. The evaluation process using this framework and domain is that it can measure the level of company maturity in carrying out information technology risk management. The results of this study are companies knowing the level of maturity in implementing IT risk management at level 2 (recurring) and level 3 (defined), knowing the GAP between the current level of maturity with the target level of maturity and can increase the current level of maturity to achieve the target level it is desirable to use the recommendations given. So companies can compete with competitors in providing services, ensuring that IT risk management activities are aligned with company objectives, reducing losses in the IT implementation process, integrating IT risk strategies with business strategy risk decisions, and ensuring that decisions are made according to company objectives based on opportunities and the consequences that have been made.
Reference19 articles.
1. Research on IT governance, risk, and value: Challenges and opportunities;Debreceny;Journal of Information Systems,2013
2. Risk Management in Information Technology Project: An Empirical Study;Irfandhi;ComTech: Computer, Mathematics and Engineering Applications,2016
3. A framework for identifying and understanding risks in information technology projects;Marchewka;Journal of International Technology and Information Management,2010
4. Does risk management contribute to IT project success, A meta-analysis of empirical evidence;De Bakker;International Journal of Project Management,2010
5. Project risk management: lessons learned from software development environment;Kwak;Technovation,2004