<![CDATA[This study aims to evaluate the effectiveness of information technology risk management implementation at STIKOM Uyelindo Kupang based on the ISO 31000:2018 framework. The research focuses on four main variables: Risk Identification (X1), Risk Evaluation (X2), Risk Management (X3), and Information Technology Risk Governance (Y). A quantitative approach was applied, using a questionnaire distributed to 50 respondents. Descriptive analysis showed that Risk Identification and Risk Evaluation fall into the good category, while Risk Management was rated as Fair, and IT Risk Governance was categorized as Poor. Pearson correlation analysis revealed very weak and insignificant relationships between variables, indicating the lack of structural integration in the risk management process. These findings suggest that the application of ISO 31000 principles is still suboptimal and requires improvement across six core elements: Leadership and Commitment, Integration, Design, Implementation, Evaluation, and Improvement. A more comprehensive implementation of ISO 31000 is expected to enhance risk management capabilities that are measurable, structured, and sustainable within the institution.]]>
Copyrights © 2026
