MANAJEMEN RISIKO SISTEM INFORMASI PERPUSTAKAAN (STUDI KASUS DI PERPUSTAKAAN UGM YOGYAKARTA)

Library information systems and information assets administered to users becomes the backbone with the role of information technology. However, the application of library information systems that grows rapidly raises the risk that causes the failure threatening librarians in assessing sources of risk threats. Risks may include events and conditions that lead to the impact of information services to be disrupted and the cessation of the decision-making process. The purpose of this study is to describe the implementation of risk management on information systems in Gadjah Mada University Library using NIST SP 800-30 framework and to determine the factors that affect the implementation risk management on information systems at the library. Risk management on information systems at Gadjah Mada University Library has been implemented to anticipate the various sources of risk threats by conducting a risk assessment, risk mitigation and risk evaluation although not documented in writing. Informants of this study consists of librarians who have social situations interact with library information system. The method uses qualitative case study approach with in-depth interviews and direct observation. The results of the study identifies a risk assessment level backup server hangs is high risk, electricity in high risk, security systems in high risk, passwords in high risk, authorization permissions in moderate risk and human resources in moderate risk. To reduce and eliminate the risk impact, Gadjah Mada University Library conducts risk mitigation by transferring the risk from a library information system servers to PSDI (Center for Systems and Resource Information), while the risk evaluation of the activitiesis carried out continuously with the consistency of librarians to implement control activities risk mitigation recommendations to the extent acceptable to the library. Factors affecting the implementation of risk management information systems at the Gadjah Mada University Library are influenced by the policies of the university institution, the perception of the library's head and human resources and technical capabilities in the field of information technology.