Risk Management In Protecting Banking Sensitive Information at XYZ Bank Using COBIT5 Framework

Abstract

POJK No.18 / POJK.03 / 2016 concerning the Implementation of Risk Management for Commercial Banks is addressed to the management and board of directors of Banks to improve provisions regarding compromised customer information disclosure to the public, and breaches of customer information have led to the need for risk management practices in the use of Information Technology (IT). Risk Control Assessment (RCA) is based on the COBIT 5 framework to assess risks associated with the use of Information Technology Asset in XYZ Bank. By mapping the RCA and the provisions of POJK No.18 / POJK.03 / 2016, it can help management obtain information on the level of compliance of the Bank with provisions relating to Banking sensitive information.