IT Asset Assessment Using Quantitative Risk Analysis (QRA) Method at XYZ Cafe

Authors

  • Rahmat Yasirandi Telkom University
  • Emiya Fefayosa Br Tarigan Telkom University

DOI:

https://doi.org/10.34818/INDOJC.2021.6.3.613

Keywords:

IT Asset, Quantitative Risk Analysis, Mitigation Action, Cafe

Abstract

Many companies are starting to invest in information technology (IT) assets to improve their business performance and services in this era. This includes modern cafes, which are becoming a promising business trend, especially if they have branches in various places. As with XYZ Cafe, IT Assets play an essential role in running the business. This research has succeeded in utilizing the Quantitative Risk Analysis (QRA) Method to perform calculations and tabulations for any potential risks. The results show the increase in the value of losses by 371.5% of the issued IT Asset investment capital, or 477,388,063 Rupiah. In detail, through Across Asset Analysis, Across Asset Value is at the top of the rank, namely Mini PC, with a loss value of 127,440,000 Rupiah. Through Across Risk Analysis, the Accidental Errors is in the first rank with a loss value of 184,038,000 Rupiah. This result implies that stakeholders can develop and plan mitigation actions to reduce potential losses for the company. Mitigation actions can be in the form of regulations, standard operating procedures (SOP), proposed monitoring applications, or strategic plan at top-level management so every threat and risk can be controlled and managed.

Downloads

Download data is not yet available.

Author Biography

Rahmat Yasirandi, Telkom University

Informatics Faculty
Telkom University

References

[1] A. A. R. Fernandes, “The effect of organization culture and technology on motivation, knowledge asset and knowledge management,” International Journal of Law and Management, vol. 60, no. 5, pp. 1087–1096, Sep. 2018, doi: 10.1108/IJLMA-05-2017-0105.
[2] P. Moreno and P. Tejada, “Reviewing the progress of information and communication technology in the restaurant industry,” Journal of Hospitality and Tourism Technology, vol. 10, no. 4, pp. 673–688, Nov. 2019, doi: 10.1108/JHTT-07-2018-0072.
[3] M. Cho, M. A. Bonn, A. Susskind, and L. Giunipero, “Restaurant dependence/autonomy in the supply chain and market responsiveness,” International Journal of Contemporary Hospitality Management, vol. 30, no. 9, pp. 2945–2964, Oct. 2018, doi: 10.1108/IJCHM-07-2017-0432.
[4] M. Cavusoglu, “An analysis of technology applications in the restaurant industry,” Journal of Hospitality and Tourism Technology, vol. 10, no. 1, pp. 45–72, Mar. 2019, doi: 10.1108/JHTT-12-2017-0141.
[5] T. F. Tan and S. Netessine, “At Your Service on the Table: Impact of Tabletop Technology on Restaurant Performance,” Management Science, vol. 66, no. 10, pp. 4496–4515, Oct. 2020, doi: 10.1287/mnsc.2019.3430.
[6] J. W. Meritt, “A Method for Quantitative Risk Analysis,” 1999. Accessed: Nov. 22, 2021. [Online]. Available: https://csrc.nist.gov/
[7] ISO/TC 262 Risk management, “ISO 31000:2018 Risk management — Guidelines,” 2018. Accessed: Nov. 22, 2021. [Online]. Available: https://www.iso.org/standard/65694.html
[8] Queensland Treasury and Trade A Guide to Risk Management, “ICT risk matrix,” 2011. Accessed: Nov. 22, 2021. [Online]. Available: https://www.qgcio.qld.gov.au/information-on/ict-risk-management/ict-risk-matrix
[9] ISO/TMBG Technical Management Board - groups, “ISO GUIDE 73:2009 Risk management — Vocabulary,” 2009. Accessed: Nov. 22, 2021. [Online]. Available: https://www.iso.org/standard/44651.html
[10] B. Muslim, “Quantitative Risk Analysis of Asset Information Technology at STT Pagaralam,” Conference SENATIK STT Adisutjipto Yogyakarta, vol. 4, Nov. 2018, doi: 10.28989/senatik.v4i0.186.
[11] M. Annisa Dewi, A. Ambarwati, and C. Darujati, “Analisis Risiko Kuantitatif Aset TI Pada BLC E-Gov Dinkominfo Surabaya,” in Prosiding SEMNAS INOTEK (Seminar Nasional Inovasi Teknologi, 2020, pp. 7–12.
[12] A. Yulianto, A. Ambarwati, and C. Darujati, “Analisis Manajemen Risiko TI Pemeliharaan Aset Menggunakan Quantitative Risk Analysis (QRA) pada PT. HMS,” in Prosiding Seminar Nasional Teknologi dan Rekayasa Informasi , 2016, pp. 45–51.
[13] A. G. R. Padang, A. Ambarwati, and E. Setiawan, “Penilaian Manajemen Risiko TI Menggunakan Quantitative dan Qualitative Risk Analysis,” SISTEMASI, vol. 10, no. 3, p. 527, Sep. 2021, doi: 10.32520/stmsi.v10i3.1340.

Downloads

Published

2021-12-31

How to Cite

Yasirandi, R., & Fefayosa Br Tarigan, E. (2021). IT Asset Assessment Using Quantitative Risk Analysis (QRA) Method at XYZ Cafe. Indonesian Journal on Computing (Indo-JC), 6(3), 63–74. https://doi.org/10.34818/INDOJC.2021.6.3.613

Issue

Vol. 6 No. 3 (2021): December, 2021

Section

Information Technology

License

  • Manuscript submitted to IndoJC has to be an original work of the author(s), contains no element of plagiarism, and has never been published or is not being considered for publication in other journals. 
  • Copyright on any article is retained by the author(s). Regarding copyright transfers please see below.
  • Authors grant IndoJC a license to publish the article and identify itself as the original publisher.
  • Authors grant IndoJC commercial rights to produce hardcopy volumes of the journal for sale to libraries and individuals.
  • Authors grant any third party the right to use the article freely as long as its original authors and citation details are identified.
  • The article and any associated published material is distributed under the Creative Commons Attribution 4.0License