Evaluasi Risiko Implementasi Chatbot AI Pada Mobile Banking Bank XYZ Dengan Metode Octave Allegro
DOI:
https://doi.org/10.25078/nivedita.v2i1.5083Kata Kunci:
Chatbot AI, Risiko Teknologi Informasi, Mobile Banking, Perbankan Syariah, Manajemen RisikoAbstrak
The chatbot AI SALMAH is implemented in the Mobile Banking service of Bank XYZ Pekanbaru Branch to improve customer service based on Islamic banking principles. The system aims to provide instant, accurate, and syariah-compliant assistance to customers. However, several risks are associated with this AI integration, including data security, regulatory compliance, and user adoption challenges. This study aims to identify potential threats, evaluate risks, and analyze their impact on banking operations using the High-level IT Risk Assessment framework supported by concepts from OCTAVE Allegro. The assessment revealed five key risk factors: syariah regulatory compliance, data security, customer adoption, industry competition, and rapid technological change. Mitigation strategies include strengthening data protection, customer education, system updates, and continuous monitoring. The highest risk was related to data security breaches and inaccurate chatbot responses. This research provides valuable insights for managing IT risks in syariah-based digital banking services and guides further improvements in AI implementation. Future studies may focus on comprehensive mitigation measures and effectiveness monitoring.
Unduhan
Referensi
R. A. Caralli, J. F. Stevens, L. R. Young, and W. R. Wilson, Introducing OCTAVE Allegro: Improving the Information Security Risk Assessment Process, CMU/SEI-2007-TR-012, Software Engineering Institute, Carnegie Mellon University, Pittsburgh, PA, USA, 2007, doi: 10.1184/R1/6574790.v1.
ISACA, Risk IT Practitioner Guide, 2nd ed. Rolling Meadows, IL, USA: ISACA, 2020. [Online]. Available: https://www.isaca.org/resources/it-risk
ISO/IEC 27005:2022, Information security, cybersecurity and privacy protection—Information security risk management, International Organization for Standardization, Geneva, Switzerland, 2022. [Online]. Available: https://www.iso.org/standard/80585.html
ISO/IEC 23894:2023, Information technology—Artificial intelligence—Guidance on risk management, International Organization for Standardization, Geneva, Switzerland, 2023. [Online]. Available: https://www.iso.org/standard/77304.html
National Institute of Standards and Technology (NIST), Artificial Intelligence Risk Management Framework (AI RMF 1.0), NIST AI 100-1, Gaithersburg, MD, USA, 2023. [Online]. Available: https://nvlpubs.nist.gov/nistpubs/ai/nist.ai.100-1.pdf
D. A. B. Fernandes, L. F. B. Soares, J. V. Gomes, M. M. Freire, and P. R. M. Inácio, "Security issues in cloud environments: A survey," International Journal of Information Security, vol. 13, pp. 113–170, 2014, doi: 10.1007/s10207-013-0208-7.
M. T. Dlamini, J. H. P. Eloff, and M. M. Eloff, "Information security: The moving target," Computers & Security, vol. 28, nos. 3–4, pp. 189–198, 2009, doi: 10.1016/j.cose.2008.11.007.
O. Akinrolabu, J. R. C. Nurse, A. Martin, and S. New, "Cyber risk assessment in cloud provider environments: Current models and future needs," Computers & Security, vol. 87, p. 101600, 2019, doi: 10.1016/j.cose.2019.101600.
M. Dawood, S. Tu, C. Xiao, H. Alasmary, M. Waqas, and S. U. Rehman, "Cyberattacks and security of cloud computing: A complete guideline," Symmetry, vol. 15, no. 11, p. 1981, 2023, doi: 10.3390/sym15111981.
E. Çayirci, A. Garaga, A. C. Santana de Oliveira, and Y. Roudier, "A risk assessment model for selecting cloud service providers," Journal of Cloud Computing, vol. 5, p. 14, 2016, doi: 10.1186/s13677-016-0064-x.
D. Doherty and K. Curran, "Chatbots for online banking services," Web Intelligence, vol. 17, no. 4, pp. 327–342, 2019, doi: 10.3233/WEB-190422.
Unduhan
Diterbitkan
Cara Mengutip
Terbitan
Bagian
Lisensi
Hak Cipta (c) 2025 Journal Informatics Nivedita
Artikel ini berlisensiCreative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.
E-mail: nivedita@uhnsugriwa.ac.id 