Abstrak
Di era digital yang berkembang pesat, keamanan informasi menjadi aspek yang penting dan tidak dapat diabaikan. meskipun kemajuan teknologi memberikan kemudahan dalam penyimpanan, pengolahan dan distribusi data. hal ini juga membuka celah terhadap berbagai ancaman, seperti peretasan dan kebocoran informasi. Selain itu, faktor non-teknis seperti bencana alam yang waktu kejadiannya sulit diperkirakan dapat menjadi risiko yang harus diperhitungkan, karena dapat menyebabkan kerusakan infrastruktur dan hilangnya data penting jika tidak diantisipasi dengan baik. oleh karena itu penelitian ini bertujuan untuk merancang disaster recovery plan (DRP) serta mengidentifikasi potensi ancaman baik dari faktor internal maupun eksternal, dan merumuskan strategi pemulihan yang efektif dan terstruktur dalam menghadapi insiden. Pendekatan yang digunakan adalah kualitatif, dengan teknik pengumpulan data melalui wawancara dan studi dokumen. Penelitian ini menghasilkan dokumen Disaster Recovery Plan (DRP) untuk Satker ZYX sebagai pedoman pemulihan sistem informasi pasca-insiden. Disaster Recovery Plan (DRP) disusun melalui tahapan seperti identifikasi aset, risk assessment, BIA, hingga pengujian dan pemeliharaan rencana. Strategi pemulihan disesuaikan dengan prioritas sistem, mencakup penggunaan hot, warm, dan cold site, serta penerapan backup bertingkat dan peran tim yang terstruktur. Penerapan keamanan informasi masih memerlukan peningkatan, khususnya pada sistem informasi.

Kata Kunci: Disaster Recovery Plan, Keamanan Informasi, Sistem Infomasi.

ABSTRACT

In the rapidly growing digital era, information security is an important aspect that cannot be ignored. although technological advances provide convenience in data storage, processing and distribution. this also opens gaps to various threats, such as hacking and information leaks. In addition, non-technical factors such as natural disasters whose timing of occurrence is difficult to predict can be a risk that must be taken into account, because it can cause infrastructure damage and loss of important data if not properly anticipated. therefore this study aims to design a disaster recovery plan (DRP) and identify potential threats from both internal and external factors, and formulate an effective and structured recovery strategy in the face of incidents. The approach used is qualitative, with data collection techniques through interviews and document studies. This research produced a Disaster Recovery Plan (DRP) document for ZYX work unit as a guideline for post-incident information system recovery. Disaster Recovery Plan (DRP) is prepared through stages such as asset identification, risk assessment, BIA, to plan testing and maintenance. Recovery strategies are tailored to system priorities, including the use of hot, warm, and cold sites, as well as the implementation of multilevel backups and structured team roles. Information security implementation still needs improvement, especially on information systems.

Admass, W.S., Munaye, Y.Y., & Diro, A.A. (2024). Cybersecurity: State of the art, challenges, and future directions. Cyber Security and Applications.

Akbar, B. I., Sucahyo, Y. G., & Gandhi, A. (2022). Disaster recovery plan design in energy government agency using NIST SP 800-34 guidelines. AIP Conference Proceedings, 2499(1), 050015. https://doi.org/10.1063/5.0105726

Ajayi, O.O., Alozie, C.E., & Abieba, O.A. (2025). Enhancing cybersecurity in energy infrastructure: Strategies for safeguarding critical systems in the digital age. Trends in Renewable Energy.

Antonelli, M., Aldrich, R., Tanner, R., & Ho, A. (2025). The storm is here: public libraries’ role in disaster preparedness and community recovery. Electronic Green Journal, 51, Article 2. https://doi.org/10.5070/G3.39629

Farid, G., Warraich, N. F., & Iftikhar, S. (2023). Digital information security management policy in academic libraries: A systematic review (2010–2022). Journal of Information Science, 49(4), 496–513. https://doi.org/10.1177/01655515231160026

Kavak, A. (2024). Impact of information security awareness on information security compliance of academic library staff in Türkiye. Journal of Academic Librarianship, 50(5), 102937. https://doi.org/10.1016/j.acalib.2024.102937

Li, Y., & Liu, Q. (2021). A comprehensive review study of cyber-attacks and cybersecurity: Emerging trends and recent developments. Energy Reports.

Linardos, V., Drakaki, M., & Tzionas, P. (2022). Machine learning in disaster management: Recent developments in methods and applications. MDPI.

McEntire, D.A. (2021). Disaster response and recovery: Strategies and tactics for resilience. Springer.

McIlwraith, A. (2021). Information security and employee behaviour: How to reduce risk through employee education, training, and awareness. Taylor & Francis.

Phillips, B.D., & Mincin, J. (2023). Disaster recovery. Taylor & Francis.

Sengan, S., Subramaniyaswamy, V., & Nair, S. K. (2021). Enhancing cyber–physical systems with hybrid smart city cybersecurity architecture for secure public data-smart network. Elsevier. https://doi.org/10.1016/j.future.2020.06.028

Stamenkov, G. (2025). Cloud service models, business continuity and disaster recovery plans, and responsibilities. MDPI.

Tóth, A. (2023). Information security threats in the digitalization of governance and their impact on elements of the defense sector. BİLGESİNA.

Wangen, G., & Ulven, J. B. (2021). A systematic review of cybersecurity risks in higher education. Future Internet, 13(2), 39. https://doi.org/10.1108/ICS-11-2018-013