Identification and Management of Digital Asset Risks at XYZ Car Workshop Using the ISO 31000:2018 Framework

Ellena Effendy; Sri Andayani

doi:10.32524/jusitik.v8i2.1443

Authors

Ellena Effendy Universitas Katolik Musi Charitas
Sri Andayani Universitas Katolik Musi Charitas https://orcid.org/0009-0000-3296-5550

DOI:

https://doi.org/10.32524/jusitik.v8i2.1443

Keywords:

risk management, ISO 31000:2018, car workshop, digital assets, risk treatment

Abstract

This research aims to identify and manage digital asset risks at XYZ Car Workshop using the ISO 31000:2018 risk management framework. In facing digital transformation and operational expansion, XYZ Car Workshop encounters various risks that may disrupt business continuity, such as floods, server downtime, data theft, and unauthorized access. This study uses a qualitative method through interviews and direct observations with the management. The findings reveal 15 major risks categorized into three types: natural, human, and system/infrastructure risks. Based on the analysis, 2 risks are classified as high-level, 11 as medium-level, and 2 as low-level. Each identified risk is addressed with appropriate treatment strategies such as mitigation, avoidance, and risk sharing. The implementation of ISO 31000:2018 has proven to assist the workshop in managing risks systematically and improving operational resilience and efficiency. This study recommends the establishment of standard operating procedures (SOP), regular training for human resources, and the adoption of supporting technologies to ensure sustainable risk prevention and control.