Risk Management Guide for Information System Infrastructure in Digital Banking

Bibliographic Details
Main Authors: Raden Budiraharjo, Silhi, Ali Jazzy, Na'il Ghani Prihartono
Format: Article
Language: English
Published: Pusat Penelitian dan Pengabdian Masyarakat (P3M), Politeknik Negeri Cilacap 2025-06-01
Series: Journal of Innovation Information Technology and Application
Online Access: https://ejournal.pnc.ac.id/index.php/jinita/article/view/2621
Description
Summary: Digital banks rely heavily on IT infrastructure to support digital services, data management, and transaction processing, making them vulnerable to risks such as system failures, cybersecurity threats, and regulatory compliance. The implementation of Information Systems Risk Management (ISRM) is crucial to ensure data security and regulatory compliance. This study integrates ISO 31000:2018, NIST SP 800-30, COBIT 2019, and Risk IT Framework to design a comprehensive risk management guide for banks, especially digital banks. ISO 31000:2018 is used to define the objectives, scope, stakeholders, risk tolerance, and boundaries of risk management; NIST SP 800-30 is used for risk identification and assessment; Risk IT Framework is used to determine risk responses; and COBIT 2019 provides principles and practices that can be implemented to address risks. The research approach includes risk identification, assessment of likelihood and impact, selection of risk response options (Avoid, Reduce/Mitigate, Share/Transfer, Accept), and implementation of action plans. The study shows that the integration of this framework enables the bank to effectively address high-priority risks. After implementing the COBIT 2019-based mitigation plan, the risk score can be significantly lowered, putting the risk in an acceptable position. In addition, this approach enables the bank to comprehensively identify information technology and systems risks and implement action plans to reduce risks to an acceptable level.
ISSN: 2716-0858, 2715-9248