DOI: https://doi.org/10.14710/vol15iss4pp469-472

Security Risk Management Assessment in Information Technology Services using Information Technology Infrastructure Library (ITIL) V4

*Andys Sandra Kurniawan  -  Universitas Diponegoro, Jl. Prof. Sudarto, SH, Tembalang, Semarang, Indonesia 50275, Indonesia
Aris Puji Widodo  -  Universitas Diponegoro, Jl. Prof. Sudarto, SH, Tembalang, Semarang, Indonesia 50275, Indonesia
Adi Wibowo  -  Universitas Diponegoro, Jl. Prof. Sudarto, SH, Tembalang, Semarang, Indonesia 50275, Indonesia
Open Access Copyright (c) 2026 Jurnal Sistem Informasi Bisnis

Citation Format:
Abstract

Information Technology (IT) is currently implemented in various fields of life, including in higher education. Some common IT-based service problems such as server down, slow systems, poor integration, and data security are important concerns for education managers. IT Service Management or Information Technology Service Management (ITSM) is a strategic approach to designing, providing, managing, and improving the way IT is used in an organization. ITIL is one of the most popular ITSM frameworks and includes a framework for evaluation and assessment. This study proposes the use of ITIL V4 to assess the level of maturity of security risk management in the higher education sector, which has not been widely explored. This study aims to measure and analyze the level of capability and assess the maturity of IT services, especially in risk management practices and information security management and analyze the level of gap between actual conditions that occur and expected standards. The results of the study indicate that the assessment of the level of maturity of higher education in managing IT service security risks, especially in both management practices, is at level 3 (Defined). These results indicate that universities have begun to realize the importance of IT security risk management, where practices are well defined, processes and activities are documented and standardized. To achieve continuous improvement according to the ITIL V4 standard, it is necessary to increase the capacity of the technology used, consistency in evaluation, and build an organizational culture that supports continuous risk management.

Fulltext View|Download Email colleagues
Keywords: ITIL V4 Maturity Model; Risk Management; Information Security Management; Capability level; IT Service Management

Article Metrics:

Article Info
Section: Research Articles
Language : EN
Most cited articles
Pengukuran Kesadaran Keamanan Informasi Dan Privasi Pada Pengguna Smartphone Android Di Indonesia Implementasi Sistem Pakar Diagnosis Penyakit Diabetes Mellitus Menggunakan Metode Fuzzy Logic Berbasis Web APLIKASI DIAGNOSA GEJALA DEMAM PADA BALITA MENGGUNAKAN METODE CERTAINTY FACTOR (CF) DAN JARINGAN SYARAF TIRUAN (JST) Data Clustering Menggunakan Metodologi CRISP-DM Untuk Pengenalan Pola Proporsi Pelaksanaan Tridharma Sistem Informasi Pengukuran Kinerja Pada Perkebunan Kelapa Sawit Dengan Menggunakan Metode Balanced Scorecard More cited articles
  1. Ahmad, N., & Shamsudin, Z. M. (2013). Systematic approach to successful implementation of ITIL. Procedia Computer Science, 17, 237–244. https://doi.org/10.1016/j.procs.2013.05.032
  2. Al-Ashmoery, Y., Haider, H., Haider, A., Nasser, N., & Al-Sarem, M. (2021). Impact of IT Service Management and ITIL Framework on the Businesses. International Conference of Modern Trends in ICT Industry: Towards the Excellence in the ICT Industries, MTICTI 2021, January 2022. https://doi.org/10.1109/MTICTI53925.2021.9664763
  3. Al Faruq, B. (2020). Integration of ITIL V3, ISO 20000 & ISO 27001:2013forIT Services and Security Management System. International Journal of Advanced Trends in Computer Science and Engineering, 9(3), 3514–3531. https://doi.org/10.30534/ijatcse/2020/157932020
  4. Axelos. (2019). Foundation ITIL ® ITIL 4 Edition ITIL ® OFFICIAL PUBLISHER. In The Stationery Office. https://www.axelos.com
  5. Axelos. (2021). An Overview of the ITIL ® Maturity Model. Axelos.Com, September, 31. https://www.axelos.com/for-organizations/itil-maturity-model
  6. Aziza, N. (2023). Metodologi penelitian 1 : deskriptif kuantitatif. ResearchGate, July, 166–178
  7. Fajri, K. S. Al, & Harwahyu, R. (2024). Information Security Management System Assessment Model by Integrating ISO 27002 and 27004. MALCOM: Indonesian Journal of Machine Learning and Computer Science, 4(2), 498–506. https://doi.org/10.57152/malcom.v4i2.1245
  8. Gunawan, H., Irianto, A. B. P., & Negara, J. G. P. (2024). Implementation of Sustainable Service Improvement in Organizations Using Framework Information Technology Infrastructure Library (Itil). Procedia Computer Science, 234, 748–755. https://doi.org/10.1016/j.procs.2024.03.061
  9. Gunawan, N. K., Hadiprakoso, R. B., & Kabetta, H. (2020). Comparative study between the integration of ITIL and ISO / IEC 27001 with the integration of COBIT and ISO / IEC 27001. IOP Conference Series: Materials Science and Engineering, 852(1), 0–5. https://doi.org/10.1088/1757-899X/852/1/012128
  10. Herlinudinkhaji, D., & Kurnia Ramadhani, L. (2023). Tata Kelola Layanan Teknologi Informasi dengan ITIL V4 untuk Estimasi Layanan. Remik, 7(1), 452–457. https://doi.org/10.33395/remik.v7i1.12058
  11. Hidayah, L. N., Puspitaningrum, A., Febianti, T., Oktavfiantika, N. N., Nurdin, A. L., Ayuningtyas, B. S., & Fathushahib, F. (2019). Audit Infrastruktur Teknologi Informasi Berbasis Itil V.3 Domain Service Design I Pada Sipmas Di Lppm It Telkom Purwokerto. Indonesian Journal of Business Intelligence (IJUBI), 1(1), 39. https://doi.org/10.21927/ijubi.v1i1.896
  12. Hikam, M. L. B., Dewi, F., & Praditya, D. (2024). Analisis Manajemen Risiko Informasi Menggunakan Iso/Iec 27005:2018 (Studi Kasus: Pt.Xyz). JIPI (Jurnal Ilmiah Penelitian Dan Pembelajaran Informatika), 9(2), 728–734. https://doi.org/10.29100/jipi.v9i2.4709
  13. Ilyasa, M. K., & Bisma, R. (2022). Analisis Manajemen Insiden dan Masalah Layanan IT pada Balitbang Jatim. Journal of Emerging Information Systems and Business Intelligence (JEISBI), 03(1), 50–58
  14. Lopes, S. F. S. F. (2021). The importance of the ITIL framework in managing Information and Communication Technology services. International Journal of Advanced Engineering Research and Science, 8(5), 292–296. https://doi.org/10.22161/ijaers.85.35
  15. Putri, I. R. D., & Nuryana, I. K. D. (2024). Analisis Manajemen Insiden dan Masalah Pada Helpdesk Terhadap Perbaikan Kualitas Pelayanan Publik Berdasarkan Framework ITIL V4 ( Studi Kasus : Dispendukcapil Kota Kediri ). Journal of Emerging Information Systems and Business Intelligence), 05(01), 173–181
  16. Sebuah, D. A. N. P., Rais, F., Ramadhani, M. N., Ubaidillah, M., Christian, J., Farisi, A., Informasi, S., Ilmu, F., & Multi, U. (2024). ANALISIS METODE AUDIT INFRASTRUKT IT PADA BIDANG. 1(3), 18–27
  17. Selig, G. J. (2008). Implementing IT Governance A Practical Guide to Global Best Practices in IT Management. Van Haren Publishing, December, 1–23. https://books.google.es/books?hl=es&lr=&id=rdVEBAAAQBAJ&oi=fnd&pg=PR5&dq=implementing+it+governance+a+practical+guide+to+global+best+practices+in+it+management&ots=K_vhQQNhEl&sig=mw7_EdcxzSK4PHH4pfKv1xa7DGE
  18. Selvi Sabrina, Ilhamsyah, N. M. (2019). Tata Kelola Layanan Sistem Informasi Menggunakan Framework Itil Versi 3 Domain Itscm. Coding Jurnal Komputer Dan Aplikasi, 7(01). https://doi.org/10.26418/coding.v7i01.30836
  19. Setyaningsih, A. F., Prabowo, W. A., & Saintika, Y. (2023). Evaluasi Manajemen Layanan Teknologi Informasi menggunakan Itil V4. Jurnal Teknologi Informatika Dan Komputer, 9(1), 160–173. https://doi.org/10.37012/jtik.v9i1.1375
  20. Sukums, F., Wamala-Larsson, C. W., & Kisenge, R. (2023). Assessment of ICT services using the Information Technology Infrastructure Library Framework at Muhimbili University of Health and Allied Sciences, Tanzania. East African Journal of Science, Technology and Innovation, 4(3), 1–14. https://doi.org/10.37425/eajsti.v4i3.643
  21. Yurisca Bernanda, D., & Pangrestu, C. (2021). Evaluation of Server Storage Rack Using ITIL Framework (Case Study: Network Access Provider). Cogito Smart Journal |, 7(2), 2021

Last update:

No citation recorded.

Last update: 2026-05-14 19:28:33

No citation recorded.