Risk analysis on the development of a business continuity plan

Abstract

In the era of globalization increasingly advanced enterprise engaged in the sale of concrete iron will execute business processes by using software, hardware, networking, and others. Judging from the condition and the current reality of this company did not rule out the occurrence of the risk due to the problems in terms of data security, data integrity, hard disk damage, IT business continuity process. In this research conducted a risk analysis of the entire area of IT and business processes within the company. As for the area to be analyzed by means of analyzing the business continuity that is based on the Standard ISO 27002: 2005 chapter 14, and analyze IT Domain and perform risk assessment and risk mitigation. The risks are found is their dependence on outsourced programmers who acts as a consultant, so rarely do risk assessment in IT companies, the unavailability of a Disaster Recovery Plan and IT Security Plan, an evaluation of the permissions are less common, and no one specifically designated for IT management, lack of training or, and the absence of a standard or framework. The results of this risk analysis can help companies recognize and avoid the risks of what might happen and can avoid the danger of business continuity, so that the company can take action to prevent or deal with the risks that would happen.