XYZ Indonesia (Persero) is one of the strategic industrial companies that produce the main tools of the Indonesian defense system, and it focuses on the application of information technology, which is managed by the Divisi Teknologi Informasi. In applying this technology, risk cannot be avoided, so IT risk management and its evaluation are needed to maximize performance. The evaluation of information technology risk management is carried out using the Process Assessment Model (PAM) of the COBIT 5 framework for the APO12 Manage Risk process. Using the COBIT 5 framework helps to measure the extent to which processes and activities have been carried out properly and to determine the capability level of the process. This research was conducted using qualitative methods, with data collected through questionnaires, observation, and validation interviews. The purpose of this study is to obtain evaluation results based on the capability level and to formulate recommendations based on those results. According to the evaluation results, the capability level of the APO12 process is level 2, namely the Managed Process. Based on the results of the analysis, 43 recommendations were prepared. The recommendations are based on the components at level 1 and level 2 that have not been fulfilled. In addition, recommendations are also made based on the components at level 3 in order to meet the target level. The recommendations given to the company are intended to increase the level of IT risk management capability in the Divisi Teknologi Informasi of PT. XYZ Indonesia.
Copyrights © 2019