Risk Analysis of Business Continuity Plan in Light Steel Company Using ISO 31000 Framework

Authors

Pages Icon

DOI:

https://doi.org/10.51519/journalisi.v6i4.955

Keywords:

Risk Management, BCP, ISO 31000, Company

Abstract

Light Steel Company is an industry engaged in manufacturing, has adopted technology and has a data center. The purpose of this study is to provide a guide and strategy for preventing risks and actions to minimize and overcome risks that can be used and implemented, so that the company's business processes can continue to run sustainably. This study uses Business Continuity Plan (BCP) using ISO 31000. Data collection is used by an interviewing employee who works at this organization. The analysis shows there are 15 possible risks that will hinder the operation of Light Steel companies based on the risk level high, medium, and low categories. High risk level is 26.7%, there are 4 possible risks, namely R05 (Loss of spare parts), R06 (Unscheduled maintenance and care for trucks and equipment spare parts), R10 (Server down) and R012 (Network connection problems). Medium risk level is 26.7%, there are 4 possible risks, namely R02 (flood), R07 (Cybercrime), R08 (Hacking), and R011 (Sudden power outage). Finally for low risk level is 46.6%, there are 7 possible risks, namely R01 (Earthquake), R03 (Dust), R04 (Fire), R09 (Abuse of access rights), R13 (Overheat), R14 (Data Corrupt), and R15 (Virus Attack, Malware).

Downloads

Download data is not yet available.

Author Biography

  • Yunianto Purnomo, University of Bunda Mulia

    Dosen SI

References

Y. Gao and D. Xu, “Exploration of Dance Teaching Mode Based on the Information Technology Era,” Front. Art Res., vol. 3, no. 3, pp. 32–35, 2021, doi: 10.25236/far.2021.030307.

M. El Khatib, “BIM As a Tool To Optimize And Manage Project Risk Management,” Int. J. Mech. Eng., vol. 7, no. 1, pp. 6307–6323, 2022.

J. J. Kassema, “Information Technology (IT) Contingency Plan as part of the Business Continuity Plan: Case of IT Services Delivery Industry,” SSRN Electron. J., 2019, doi: 10.2139/ssrn.3496143.

S. Fani and A. Subiadi, “Trend of Business Continuity Plan: A Systematic Literature Review,” ICBLP, no. 2019, 2020, doi: 10.4108/eai.13-2-2019.2286164.

J. A. R. C. Jayalath and S. C. Premaratne, “Analysis of Key Digital Technology Infrastructure and Cyber Security Consideration Factors for Fintech Companies,” Int. J. Res. Publ., vol. 84, no. 1, pp. 128. – 135, 2021, doi: 10.47119/ijrp100841920212246.

S. V. Fani and A. P. Subriadi, “Business Continuity pPan: Examining of Multi-Usable Framework,” Procedia Comput. Sci., vol. 161, pp. 275–282, 2019, doi: 10.1016/j.procs.2019.11.124.

I. Mas’ud and R. Salsabila, “Perancangan Business Continuity Plan Pada PT. XYZ,” J. Sist. Inf. dan Sains Teknol., vol. 3, no. 1, pp. 1–14, 2021, doi: 10.31326/sistek.v3i1.803.

M. R. Purnama, M. B. Adityawan, K. S. Pribadi, M. Farid, Widyaningtias, and A. A. Kuntoro, “Tsunami Risk Assessment in Business Continuity Planning for Palu Special Economic Zone,” IOP Conf. Ser. Earth Environ. Sci., vol. 1065, no. 1, 2022, doi: 10.1088/1755-1315/1065/1/012053.

I. Setiawan, R. Waluyo, and W. A. Pambudi, “Perancangan Business Continuity Plan dan Disaster Recovery Plan Teknologi dan Sistem Informasi Menggunakan ISO 22301,” J. RESTI (Rekayasa Sist. dan Teknol. Informasi), vol. 3, no. 2, pp. 148–155, 2019, doi: 10.29207/resti.v3i2.911.

B. Prieto, “Enterprise Risk Management in the Engineering and Construction,” PM World J., vol. XI, no. V, pp. 2330–4480, 2022.

E. C. Ali and N. C. Ali, “Business Continuity Plan of the Micro and Small Enterprises in Cotabato City during the COVID-19 Pandemic and Its Effect to Business Performance,” Eur. J. Bus. Manag. Res., vol. 8, no. 3, pp. 124–127, 2023, doi: 10.24018/ejbmr.2023.8.3.1916.

A. Berrichi and Z. Azarkan, “Business Continuity Plan facing COVID-19 : From necessity to Alterities Business Continuity Plan facing COVID-19 :,” HAL oepn Sci., vol. 2, no. 4, pp. 597–617, 2021, doi: 10.5281/zenodo.5149419.

F. T. Kurniati and R. R. Huizen, “Sosialisasi Strategi Business Continuity Plan Memasuki Era Baru (New Normal),” War. LPM, vol. 24, no. 4, pp. 788–798, 2021.

T. F. Rahardian and A. F. Wijaya, “Risk Analysis of Web-Based Information Systems on CV Mega Komputama Uses ISO 31000,” J. Inf. Syst. Informatics, vol. 4, no. 2, p. 442, 2022.

E. Evinia and M. N. N. Sitokdana, “Risk Management Based IT Analysis Using ISO 31000 (Case Study: PT Bawen Mediatama),” J. Inf. Syst. Informatics, vol. 5, no. 1, pp. 380–390, 2023, doi: 10.51519/journalisi.v5i1.420.

F. A. Alijoyo, “The use ISO 31000:2018 in Indonesian Fintech Lending Companies: What Can We Learn?,” J. Bus. Manag. Stud., vol. 4, no. 1, pp. 16–22, 2022, doi: 10.32996/jbms.2022.4.1.3.

J. F. Andry, N. Karepowan, and H. Tannady, “Disaster Recovery Planning for It/Is of Hospitality Industry Using Nist Sp 800-34 Rev.1 Method,” J. Theor. Appl. Inf. Technol., vol. 102, no. 8, pp. 3562–3569, 2024.

D. Y. Bernanda, Y. Charolina, O. Azhari, C. Pangrestu, and J. F. Andry, “Identification of Potential and Planning for Disaster Recovery Using the Iso/Iec 24762 Standard At Xyz University,” J. Teknoinfo, vol. 17, no. 1, p. 140, 2023, doi: 10.33365/jti.v17i1.2295.

J. F. Andry, H. Tannady, G. D. Rembulan, Gerry, and Honni, “Disaster Recovery Design at Higher Education Institutional Using ISO 27021 Method.pdf,” Soc. Sci. J., vol. 12, no. 5, pp. 1211–1217, 2022.

J. F. Andry, L. Liliana, H. Tannady, and A. S. Arief, “Data Centre Risk Analysis Using ISO 31000:2009 Framework,” J. Phys. Conf. Ser., vol. 2394, no. 1, 2022, doi: 10.1088/1742-6596/2394/1/012032.

Downloads

Published

2024-12-31

Issue

Vol. 6 No. 4 (2024): December

Section

Articles

License

Authors Declaration

  1. The Authors certify that they have read, understood, and agreed to the Journal of Information Systems and Informatics (JournalISI) submission guidelines, policies, and submission declaration. The submission has been prepared using the provided template.
  2. The Authors certify that all authors have approved the publication of this manuscript and that there is no conflict of interest.
  3. The Authors confirm that the manuscript is their original work, has not received prior publication, is not under consideration for publication elsewhere, and has not been previously published.
  4. The Authors confirm that all authors listed on the title page have contributed significantly to the work, have read the manuscript, attest to the validity and legitimacy of the data and its interpretation, and agree to its submission.
  5. The Authors confirm that the manuscript is not copied from or plagiarized from any other published work.
  6. The Authors declare that the manuscript will not be submitted for publication in any other journal or magazine until a decision is made by the journal editors.
  7. If the manuscript is finally accepted for publication, the Authors confirm that they will either proceed with publication immediately or withdraw the manuscript in accordance with the journal’s withdrawal policies.
  8. The Authors agree that, upon publication of the manuscript in this journal, they transfer copyright or assign exclusive rights to the publisher, including commercial rights

How to Cite

[1]
J. F. Andry, K. Christianto, Y. Purnomo, and F. S. Lee, “Risk Analysis of Business Continuity Plan in Light Steel Company Using ISO 31000 Framework”, journalisi, vol. 6, no. 4, pp. 3104–3114, Dec. 2024, doi: 10.51519/journalisi.v6i4.955.

Most read articles by the same author(s)