Operational Risk in Information Technology: A Literature Review on Identification Mechanisms, Assessment, and Impact on Risk Management
DOI:
https://doi.org/10.65310/8hq2hc60Keywords:
Operational risk, information technology, risk identification, risk assessment, risk management.Abstract
This study presents a systematic literature review on operational risk in information technology, focusing on mechanisms for identifying risks, approaches for assessing them, and their implications for broader risk management practices. The findings show that the identification of IT operational risks requires structured procedures that incorporate business process analysis, technology audits, anomaly detection, and evaluations of human factors to reveal potential vulnerabilities that may disrupt organizational operations. Frameworks such as ISO 31000 and COBIT are widely used to guide institutions in identifying, categorizing, and managing technology-related risks in a consistent and comprehensive manner. Emerging methods that utilize artificial intelligence, big data analytics, and predictive modeling have also contributed to improving the accuracy of risk detection in increasingly complex digital environments.The review further demonstrates that IT operational risks have substantial impacts on organizational resilience, financial performance, service continuity, and regulatory compliance. Technological failures can hinder decision-making processes, damage user trust, and weaken long-term institutional stability. Therefore, integrating IT operational risk management into enterprise-wide strategies is essential to ensure operational reliability and preparedness in the digital era.
Downloads
References
Ahkmad, F. F. (2024). Manajemen Risiko dalam Optimalisasi Keberhasilan Proyek Teknologi Informasi Menggunakan Framework ISO 31000. Jurnal Telematika, 19(2), 60-64. https://doi.org/10.61769/telematika.v19i2.712.
Asmarawati, S. G., & Dewi, A. M. (2024). Asesmen Manajemen Risiko Berdasarkan ISO 31000 dalam Pengukuran Risiko Operasional dan Risiko Keuangan pada Perusahaan XYZ. JEBDEKER: Jurnal Ekonomi, Manajemen, Akuntansi, Bisnis Digital, Ekonomi Kreatif, Entrepreneur, 4(2), 365–388. https://doi.org/10.56456/jebdeker.v4i2.267
Budianto, E. W. H. (2023). Pemetaan penelitian risiko operasional pada industri keuangan syariah dan konvensional: studi bibliometrik VosViewer dan literature review. Jurnal Ekonomi Islam, 14(2), 158-174.
Capriani, N., & Dana, I. (2016). Pengaruh Risiko Kredit Risiko Operasional Dan Risiko Likuiditas Terhadap Profitabilitas BPR Di Kota Denpasar. E-Jurnal Manajemen, 5(3), 1486–1512. https://ojs.unud.ac.id/index.php/manajemen/article/view/16316
Caseba, F. L., & Dewayanto, T. (2024). Penerapan Artificial Intelligence, Big Data, Dan Blockchain Dalam Fintech Payment Terhadap Risiko Penipuan Komputer (Computer Fraud Risk): A Systematic Literature Review. Diponegoro Journal Of Accounting, 13(3), 1–15 https://ejournal3.undip.ac.id/index.php/accounting/article/view/46058
Chowdhury, S., Rodriguez-Espindola, O., Dey, P., & Budhwar, P. (2023). Blockchain technology adoption for managing risks in operations and supply chain management: evidence from the UK. Annals of operations research, 327(1), 539-574. https://doi.org/10.1007/s10479-021-04487-1.
Cisco, Cybersecurity Readiness Index 2025: “86% perusahaan global melaporkan insiden keamanan terkait AI dalam 12 bulan terakhir”. Link: https://newsroom.cisco.com/c/r/newsroom/en/us/a/y2025/m05/cisco-study-reveals-alarming-deficiencies-in-security-readiness.html Cisco Newsroom+1
El Hajj, M., & Hammoud, J. (2023). Unveiling the influence of artificial intelligence and machine learning on financial markets: A comprehensive analysis of AI applications in trading, risk management, and financial operations. Journal of Risk and Financial Management, 16(10), 434. https://doi.org/10.3390/jrfm16100434.
Fernando, Y., Tseng, M. L., Wahyuni-Td, I. S., de Sousa Jabbour, A. B. L., Chiappetta Jabbour, C. J., & Foropon, C. (2023). Cyber supply chain risk management and performance in industry 4.0 era: information system security practices in Malaysia. Journal of Industrial and Production Engineering, 40(2), 102-116. https://doi.org/10.1080/21681015.2022.2116495.
Fuji, S. (2025). Strategi Manajemen Risiko Teknol Strategi Manajemen Risiko Teknologi Informasi Berbasis Studi Literatur. TeIKa, 15(1).
Fuji, S., Supriadi, F., & Junaedi, I. D. (2025). Strategi Manajemen Risiko Teknol Strategi Manajemen Risiko Teknologi Informasi Berbasis Studi Literatur. Teika, 15(1). https://jurnal.unai.edu/index.php/teika/article/view/3838
Girling, P. X. (2022). Operational risk management: a complete guide for banking and fintech. John Wiley & Sons.
Habsy, B. A. (2017). Seni Memehami Penelitian Kuliatatif Dalam Bimbingan Dan Konseling : Studi Literatur. JURKAM: Jurnal Konseling Andi Matappa, 90–100. https://doi.org/10.31100/jurkam.v1i2.56
Habsy, B. A., Mufidha, N., Shelomita, C., Rahayu, I., & Muckorobin, Moch. I. (2023). Filsafat Dasar Dalam Konseling Psikoanalisis : Studi Literatur. Indonesian Journal Of Educational Counseling, 7(2), 189–199. https://doi.org/10.30653/001.202372.266
Hasibuan, R. P. A. (2024). Manajemen Risiko Operasional pada Bank Syariah Indonesia (BSI) KC Bengkulu. EKOMA: Jurnal Ekonomi, Manajemen, Akuntansi, 3(4), 879-891. https://ulilalbabinstitute.co.id/index.php/EKOMA/article/view/3377
Judijanto, L., Hindarto, D., Wahjono, S. I., & Djunarto, A. (2023). Edge of enterprise architecture in addressing cyber security threats and business risks. International Journal Software Engineering and Computer Science (IJSECS), 3(3), 386-396.
Lubis, N. A. S. F., Lestari, D., Harahap, U. Y., & Arsyadona. (2025). Peran Teknologi Informasi Dalam Mengelola Risiko Operasional. Kohesi: Jurnal Multidisiplin Saintek, 6. https://doi.org/10.8734/Kohesi.v1i2.365
Luo, N., Yu, H., You, Z., Li, Y., Zhou, T., Jiao, Y., ... & Qiao, S. (2023). Fuzzy logic and neural network-based risk assessment model for import and export enterprises: A review. Journal of Data Science and Intelligent Systems, 1(1), 2-11. https://doi.org/10.47852/bonviewJDSIS32021078.
Mardikaningsih, R., Halizah, S. N., Nuraini, R., Darmawan, D., & Hardyansah, R. (2024). Manajemen Risiko Pada Penerapan Manajemen Rantai Pasokan Global: Kajian Terhadap Pendekatan Strategis Untuk Mengidentifikasi, Mengevaluasi, dan Mengelola Risiko. Yos Soedarso Economic Journal (YEJ), 6(2), 1-15.
Nisa’, F. Z., Febrianti, G. D., & Ajrina, N. N. (2023). Systematic Literature Review: Analisis Implementasi Manajemen Risiko TI Menggunakan Framework COBIT di Sektor Industri Jasa. Bulletin of Computer Science Research, 4(1), 66–74. https://doi.org/10.47065/bulletincsr.v4i1.313
Parera, M. F., Indawati, L., Rumana, N. A., & Yulia, N. (2022). Manajemen Risiko Di Ruang Penyimpanan Rekam Medis (Literature Review) . Journal Of Innovation Research And Knowledge, 1(10), 1323–1326. https://doi.org/10.53625/jirk.v1i10.1744
PwC, Global Digital Trust Insights Survey (2022): “27% organisasi mengalami pelanggaran data dengan biaya US$ 1-20 juta dalam 3 tahun terakhir”. Link: https://www.pwc.com/bm/en/press-releases/global-digital-trust-insights-survey.html PwC+1
PwC, Global Risk Survey 2023. “37% organisasi merasa sangat terekspos terhadap risiko siber”. Link: https://www.pwc.com/id/en/media-centre/press-release/2024/indonesian/pwc-global-risk-survey-2023.html PwC+1
Rahmatika, A. N., Apriyadi, M. F., Kahfi, M A., & Aibi, O. N. (2024). Analisis Manajemen Risiko Teknologi Informasi Pada Sistem Informasi Akademik (SIAK) Universitas Muhammadiyah Sukabumi (UMM) Menggunakan ISO 31000. Jurnal Manajemen Dan Teknologi Informasi, 14(1), 49–58. https://doi.org/10.59819/jmti.v14i1.3321
Ricky (2017). Analisis Risiko Operasional Dalam Pemilihan Perangkat Keras (Hardware) Dan Perangkat Lunak (Software) Pada Industri Perbankan (Studi Kasus: Bank X). Jurnal Ekonomi, Manajemen Dan Perbankan (Journal of Economics, Management and Banking), 1(2), 43. https://doi.org/10.35384/jemp.v1i2.36
Salamai, A. A., El-kenawy, E. S. M., & Abdelhameed, I. (2021). Dynamic voting classifier for risk identification in supply chain 4.0. Computers, Materials & Continua, 69(3).
Santorry, S. (2024). Evaluating the Impact of Technological Innovations on Operational Risk Management in Financial Institutions. The Journal of Academic Science, 1(6), 762-776. https://doi.org/10.59613/7hgzeg07.
Setiawan, R., & Rahmadsyah. (2025). Digitalisasi Perbankan dan Ancaman Keamanan Siber: Tantangan dan Strategi Mitigasi Risiko Operasional. ASEFBA: Advanced Studies in Economic, Finance and Banking, 1(1), 73–87. https://journalweb.org/ojs/index.php/ASEFBA/article/view/548
Settembre-Blundo, D., González-Sánchez, R., Medina-Salgado, S., & García-Muiña, F. E. (2021). Flexibility and resilience in corporate decision making: a new sustainability-based risk management system in uncertain times. Global Journal of Flexible Systems Management, 22(Suppl 2), 107-132. https://doi.org/10.1007/s40171-021-00277-7.
Sipior, J. C., Lombardi, D. R., & Gabryelczyk, R. (2021). Information technology operational risk: A teaching case. Journal of Computer Information Systems, 61(4), 328-344. https://doi.org/10.1080/08874417.2019.1647767.
Sirait, N. M., & Susanty, A. (2016). Analisis Risiko Operasional Berdasarkan Pendekatan Enterprise Risk Management (Erm) Pada Perusahaan Pembuatan Kardus Di Cv Mitra Dunia Palletindo. Industrial Engineering Online Journal, 5(4), 1–10. https://ejournal3.undip.ac.id/index.php/ieoj/article/view/14043
Sitorus, M. G. B., Maria, N., & Safa, Y. N. (2024). Tinjauan Literatur Manajemen Risiko Cyber dalam Proyek: Identifikasi, Evaluasi, dan Mitigasi Ancaman. Jurnal Manajemen Informatika (JAMIKA), 14(2), 187-198. https://doi.org/10.34010/jamika.v14i2.12887.
Stouffer, K., Stouffer, K., Pease, M., Tang, C., Zimmerman, T., Pillitteri, V., ... & Thompson, M. (2023). Guide to operational technology (ot) security.
Sutigar, M. B. B., Bhisma, V. A., Firmansyah, A. N., & Wulansari, A. (2024). Studi Literature Review IT Risk Management di Instansi Pemerintahan. JATI (Jurnal Mahasiswa Teknik Informatika), 8(1), 75-79. https://doi.org/10.36040/jati.v8i1.8734.
Syadali, M. R. A., Segaf, S., & Parmujianto, P. (2023). Risk management strategy for the problem of borrowing money for Islamic commercial banks. Enrichment: Journal of Management, 13(2), 1227-1236. https://doi.org/10.35335/enrichment.v13i2.1392.
Thenu, P. P., Wijaya, A. F., & Rudianto, C. (2020). Analisis Manajemen Risiko Teknologi Informasi Menggunakan Cobit 5 (Studi Kasus: Pt Global Infotech). Jurnal Bina Komputer, 2(1), 1–13. https://doi.org/10.33557/binakomputer.v2i1.799
Yasirandi, R., Rakhmatsyah, A., & Kurniawan, F. (2021). IT Risk Management dalam Operasional untuk Peningkatan Layanan Informasi Pesanan. Krea-TIF, 9(2), 21. https://doi.org/10.32832/kreatif.v9i2.5982.
Downloads
Published
Issue
Section
License
Copyright (c) 2025 Adelia Nafisah Balqis, Salma Nabila Ramadhani, Alvianus Kristian Sumual (Author)
This work is licensed under a Creative Commons Attribution 4.0 International License.
