Journal of Innovation Information Technology and Application (JINITA)
Vol 7 No 1 (2025): JINITA, June 2025

A Risk Management Guide for Information System Infrastructure in Digital Banking

Budiraharjo, Raden
Silhi
Jazzy, Ali
Prihartono, Na'il Ghani



Article Info

Publish Date
30 Jun 2025

Abstract

Digital banks rely heavily on IT infrastructure to support digital services, data management, and transaction processing, making them vulnerable to risks such as system failures, cybersecurity threats, and regulatory non-compliance. The implementation of Information Systems Risk Management (ISRM) is crucial to ensure data security and regulatory compliance. This study integrates ISO 31000:2018, NIST SP 800-30, COBIT 2019, and the Risk IT Framework to design a comprehensive risk management guide for banks, especially digital banks. ISO 31000:2018 is used to define the objectives, scope, stakeholders, risk tolerance, and boundaries of risk management; NIST SP 800-30 is used for risk identification and assessment; the Risk IT Framework is used to determine risk responses; and COBIT 2019 provides principles and practices that can be implemented to address risks. The research approach includes risk identification, assessment of likelihood and impact, selection of risk response options (Avoid, Reduce/Mitigate, Share/Transfer, Accept), and implementation of action plans. The study shows that integrating these frameworks enables the bank to effectively address high-priority risks. After implementing the COBIT 2019-based mitigation plan, the risk score can be significantly lowered, putting the risk in an acceptable position. In addition, this approach enables the bank to comprehensively identify information technology and systems risks and implement action plans to reduce risks to an acceptable level.

Copyrights © 2025






Journal Info

Abbrev

jinita

Publisher

Subject

Computer Science & IT; Decision Sciences, Operations Research & Management; Engineering

Description

Software Engineering, Mobile Technology and Applications, Robotics, Database System, Information Engineering, Interactive Multimedia, Computer Networking, Information System, Computer Architecture, Embedded System, Computer Security, Digital Forensic, Human-Computer Interaction, Virtual/Augmented ...