Professional Documents
Culture Documents
RISK SCENARIO
ESSENTIAL
ANALISA RISIKO LEVEL BENEFIT STRATEGIS ORGANISASI
Yes
Yes
Yes
Yes
Yes
Yes
IT Programme
selection
Yes
Yes
Yes
Yes
New
Technologies
Yes
Yes
Yes
Yes
Yes
Yes
Technology
Selection
Yes
Yes
Yes
Yes
Yes
IT Investment
Decision Making
IT Investment
Decision Making
Yes
Yes
Accountability
over IT
Yes
Yes
Yes
Yes
Yes
Integration IT
Within business
processes
State of
Infrastructure
Technologies
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Ageing of
application
software
Ageing of
application
software
Architecture
Agility and
Flexibility
Yes
Yes
Regulatory
Compliance
Yes
Yes
Yes
Yes
IT Staf
IT Expertise and
Skills
Yes
Yes
Yes
Yes
Yes
Yes
IT Project
Termination
Yes
IT Project
Termination
Yes
IT Project
Economics
Yes
Yes
Project Delivery
Yes
Yes
Yes
Yes
Project Quality
Infrastructure
Theft
Destruction of
infrastructure
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
IT Staf
IT Staf
Yes
Yes
Yes
Yes
IT Expertise and
Skill
Infrastructure
(hardware)
Yes
Yes
Yes
Yes
System Capacity
Yes
Yes
Ageing of
infrastructural
software
Utilities
Performance
Yes
Yes
Yes
Yes
Industrial Action
Yes
Yes
Data(base)
integrity
Data(base)
integrity
Data(base)
integrity (cont.)
Operational IT
Errors
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Contractual
Compliance
Environmental
Acts of nature
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Selection/
Performance of
third-party
suppliers
Yes
Yes
Yes
Yes
Yes
Yes
Yes
IT Staf
IT Staf
Yes
Yes
Yes
Yes
IT Expertise and
Skill
Software
Integrity
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Software
Performance
Yes
System Capacity
System Capacity
Yes
Yes
Ageing of
infrastructural
software
Yes
Yes
Yes
Malware
Yes
Yes
Yes
Yes
Yes
Logical Attacks
Yes
Yes
Logical Attacks
(cont.)
Yes
Yes
Yes
Information
Media
Catatan:
Control Efectiveness (CE) disi 0 atau 1
Value Likelihood:
CE > 85%
50% < CE 85%
30% < CE 50%
15% < CE 30%
CE 15%
1
2
3
4
5
Rendah
Moderat
Tinggi
Extreme
EXISTING/PLANNED CONTROLS
TITLE
CONTROL
EFFECTIVENESS
1
8.33%
0.00%
IT Architecture Board
0.00%
0.00%
0.00%
Relationships
Benefit Management
Establish Organisational Structures
Understand the Current and Future Demand (for business
human resources)
Knowledge Transfer to Business Management supervision
0.00%
0.00%
0.00%
0.00%
0.00%
0.00%
Personnel recruitment
Personel training
Dependence upon individuals
IT Organization structure
Job Change and termination
Create and inventory of IT HR
Understand the current and future (IT HR)
Identify shortfall (between current & future)
Personnel recruitment and retentions
Personel training
Dependence upon individuals
Employee job performance evaluation
Personel competencies
Job Change and termination
Create and inventory of IT HR
Understand the current and future (IT HR)
VEL PROYEK TI
Software Quality Assurance (QA)
Knowledge Transfer to Operations and Support Staf
Implementation Plan
Final Acceptance Test
Knowledge Transfer to Business Management
Knowledge Transfer to End Users
Training
Test Plan
Post-implementation Review
Accuracy, Completeness and Authenticity Checks
Processing Integrity and Validity
Output Review, Reconciliation and Error Handling
Transaction Authentication and Integrity
Project Performance Measurement, Reporting and Monitoring
Project Closure
0.00%
0.00%
0.00%
0.00%
0.00%
0.00%
Project Closure
Monitor and Report on Programme (solution delivery)
Performance
Develop a Benefits Realisation Plan
Development and Acquisition Standards
Project Quality Plan
Technology Standards
Stakeholder Commitment
Project Closure
VEL OPERASI INFRASTRUKTUR DAN FASILITAS TI
Supplier Selection
Supplier Relationship Management
Supplier Risk Management
Supplier Performance Monitoring
Procurement Control
Supplier Contract Management
Resources Acquisition
IT Policies Management
Personnel Clearance Procedures
Infrastructure Resource Protection and Availability
Cost Model Maintenance
Physical Security Measures
Physical Access
Physical Security Measures
Physical Access
Physical Facilities Management
Protection Against Environmental Factors
Personnel Recruitment and Retention
Personnel Training
Dependence Upon Individuals
IT Organisational Structure
Job Change and Termination
0.00%
0.00%
0.00%
0.00%
0.00%
0.00%
0.00%
0.00%
0.00%
0.00%
0.00%
0.00%
0.00%
0.00%
0.00%
0.00%
0.00%
0.00%
0.00%
0.00%
0.00%
0.00%
0.00%
0.00%
0.00%
0.00%
0.00%
0.00%
0.00%
0.00%
0.00%
0.00%
IMPACT ANALYSIS
LIKELIHOOD
Impact 1
5
Impact 2
Impact 3
Impact 4
Impact 5
2
IMPACT
RISK VALUATION
(MAX)
RISK VALUATION
(AVERAGE)
Impact 6
Max Impact
Average
Impact
Rating
Value
Rating
1.3333333333
10
Tinggi
6.666666667
#DIV/0!
#DIV/0!
#DIV/0!
Rendah
#DIV/0!
#DIV/0!
Rendah
#DIV/0!
#DIV/0!
Rendah
#DIV/0!
#DIV/0!
Rendah
#DIV/0!
#DIV/0!
Rendah
#DIV/0!
#DIV/0!
Rendah
#DIV/0!
#DIV/0!
Rendah
#DIV/0!
#DIV/0!
Rendah
#DIV/0!
#DIV/0!
Rendah
#DIV/0!
#DIV/0!
Rendah
#DIV/0!
#DIV/0!
Rendah
#DIV/0!
#DIV/0!
Rendah
#DIV/0!
#DIV/0!
Rendah
#DIV/0!
#DIV/0!
Rendah
#DIV/0!
#DIV/0!
Rendah
#DIV/0!
#DIV/0!
Rendah
#DIV/0!
#DIV/0!
Rendah
#DIV/0!
#DIV/0!
Rendah
#DIV/0!
#DIV/0!
Rendah
#DIV/0!
#DIV/0!
Rendah
#DIV/0!
#DIV/0!
Rendah
#DIV/0!
#DIV/0!
Rendah
#DIV/0!
#DIV/0!
Rendah
#DIV/0!
#DIV/0!
Rendah
#DIV/0!
#DIV/0!
Rendah
#DIV/0!
#DIV/0!
Rendah
#DIV/0!
#DIV/0!
Rendah
#DIV/0!
#DIV/0!
Rendah
#DIV/0!
#DIV/0!
Rendah
#DIV/0!
#DIV/0!
Rendah
#DIV/0!
#DIV/0!
Rendah
#DIV/0!
#DIV/0!
Rendah
#DIV/0!
#DIV/0!
Rendah
#DIV/0!
#DIV/0!
Rendah
#DIV/0!
#DIV/0!
Rendah
#DIV/0!
#DIV/0!
Rendah
#DIV/0!
#DIV/0!
Rendah
#DIV/0!
#DIV/0!
Rendah
#DIV/0!
#DIV/0!
Rendah
#DIV/0!
#DIV/0!
Rendah
#DIV/0!
#DIV/0!
Rendah
#DIV/0!
#DIV/0!
Rendah
#DIV/0!
#DIV/0!
Rendah
#DIV/0!
#DIV/0!
Rendah
#DIV/0!
#DIV/0!
Rendah
#DIV/0!
#DIV/0!
Rendah
#DIV/0!
#DIV/0!
Rendah
#DIV/0!
RISK VALUATION
(AVERAGE)
Value
Tinggi
#DIV/0!
#DIV/0!
#DIV/0!
#DIV/0!
#DIV/0!
#DIV/0!
#DIV/0!
#DIV/0!
#DIV/0!
#DIV/0!
#DIV/0!
#DIV/0!
#DIV/0!
#DIV/0!
#DIV/0!
#DIV/0!
#DIV/0!
#DIV/0!
#DIV/0!
#DIV/0!
#DIV/0!
#DIV/0!
#DIV/0!
#DIV/0!
#DIV/0!
#DIV/0!
#DIV/0!
#DIV/0!
#DIV/0!
#DIV/0!
#DIV/0!
#DIV/0!
#DIV/0!
#DIV/0!
#DIV/0!
#DIV/0!
#DIV/0!
#DIV/0!
#DIV/0!
#DIV/0!
#DIV/0!
#DIV/0!
#DIV/0!
#DIV/0!
#DIV/0!
#DIV/0!
#DIV/0!
#DIV/0!