<![CDATA[This study analyzes information technology (IT) risk management at PT XYZ using COBIT 5 domain APO12. PT XYZ, as an Umrah travel service provider, relies heavily on information systems, making it vulnerable to risks stemming from environmental, human, and infrastructure factors. The purpose of this study is to identify IT risks, assess their impact and likelihood of occurrence, determine risk management capability levels, and provide recommendations for improvement. This study used qualitative methods through interviews and observations, with analysis based on subdomains APO12.01–APO12.06. The results indicate that PT XYZ faces various significant risks. The capability assessment places the current condition at Level 3 (Established Process), where processes are running and documented but not yet optimal. The company's target is to reach Level 5 (Optimized Process). Recommendations include improving IT infrastructure, strengthening data security, and routine training to minimize user errors.]]>
Copyrights © 2025
