Open AccessRisk Management In Protecting Banking Sensitive Information at XYZ Bank Using COBIT5 Framework
Author(s) -
Maulid Ibnu Adhi Purwono
Publication year - 2021
Publication title -
annual conference on management and information technology
Language(s) - English
Resource type - Journals
ISSN - 2355-0201
DOI - 10.33555/acmit.v7i1.104
Subject(s) - business , cobit , risk management , asset (computer security) , asset management , risk management information systems , risk analysis (engineering) , accounting , information system , management information systems , finance , computer security , corporate governance , computer science , engineering , electrical engineering
POJK No.18 / POJK.03 / 2016 concerning the Implementation of Risk Management for Commercial Banks is addressed to the management and board of directors of Banks to improve provisions regarding compromised customer information disclosure to the public, and breaches of customer information have led to the need for risk management practices in the use of Information Technology (IT). Risk Control Assessment (RCA) is based on the COBIT 5 framework to assess risks associated with the use of Information Technology Asset in XYZ Bank. By mapping the RCA and the provisions of POJK No.18 / POJK.03 / 2016, it can help management obtain information on the level of compliance of the Bank with provisions relating to Banking sensitive information.