Understanding the Risk Model to the Management Information System of the Supply Chain in the Company's Logistics Process

Background: Various company resources involved in the business become a common commodity that must be used the distinguished is how the management needs manage its information system. Risk Management is one of the arts and sciences in identifying, analyzing, and responding to every risk throughout the product lifecycle. Objective: to investigate the effects of risk management on the performance of the company so they have competitive advantage to maintain their market profits. Methods: We identified and analyzed the weaknesses of one of the Fishing Companies (PT. Nusantara Fisheries) located in Eastern Indonesia (Ambon) the capital of Maluku province. The approach was carried out by interviewing the highest chair (Branch Head), then 2 administrative and information systems staff, 6 raw material processing company technicians, 4 agents and 16 suppliers from 4 different vessels. The questionnaire was used to find out how important the risk management in the logistics and supply chain so that it found out the risks that were affecting their performance. Results: The results of this approach provided almost 90% of the information needed to analyze the response of this company in the Supply Chain Management conceptual strategy because it had a positive impact on selection, determined the scope of the company, developed a realistic schedule and estimated the right target costs in involving team members to determine strengths and weaknesses in the Supply Chain Process. Conclusion: the companies were able to minimize business failures and the strategy had positive impact.


I. INTRODUCTION
This Risk remains an important issue in the modern enterprise industry, they should take a more proactive approach by investing in an IT field capable of analyzing in helping to identify and minimize any possible risks. implementing IT in a company's strategy provides significant benefits in modern competition, this goal is very helpful for many companies that have great potential with a level of risk that is also very detrimental to their company.
By improving, coordinating, conducting the interaction of risk management need activities in IT settings, is highly influential on quality management, project management, IT service management and information security management [1]. The underlying logic Validation should test how effective the risk analysis in support of applied risk management in the real world [2]. In the real world managing risk can be an added value because it reduces expected taxes, reduces cash flow, income volatility, lowers financial distress costs, lowers capital costs, and mitigates small investment issues [3]. Organizations with social media policies have broader training and technical controls, e-Supply Chains are fast becoming a reality to manage such supply chains [4], will be very efficient and effective [5], Information sharing increases the supply chain's profitability significantly, (egg leakage of confidential information to competitors, sharing of misinformation resulting in losses) [6].
Opportunities offered by digital technology to make a deep rationalization of purchases and inventories become very important in the competition between companies with the basic structure of the e-supply chain [7]. E-commerce is growing rapidly with the development of new business models and will continue to improve in decades [8]. Increasing the complexity of enterprise information reduces the transparency of information resulting in higher audit risk [9]. The company's website is a major digital marketing channel for companies where they seek to gain a greater share of stakeholder concerns (i.e., customers, investors, communities) [10]. In this case, our view of risk management can be said to be a solution in a corporate uncertainty strategy that has a negative or positive effect on the achievement of this corporate objective, for our modern risk management strategy to perceive their understanding to at least positive effects a positive lag of IT investment as a modern enterprise strategy that identifies risks, analyzes those risks, and develops plans to address them [11].

II. METHODS
The company's product supply chain cycle in business will not function properly if the way it works is not optimal so as to produce lower product quality and non-standard products can endanger users, due to the regulation of information systems, data quality, and the implications of their respective costs approaches must be considered in decision making [11]. Encourage effective decision making when managing and providing critical solutions in market business [12], Analysis trade functions and their risks when the logistic process of the supply chain is incorporated into the types of risks that will arise [13]. This standard can be applied to any organization, large or small, in all sectors of activity. Risk management standards recommend that organizations must have a framework that integrates risk management processes into the entire organization, strategy and planning, management, policy, value and culture reporting processes [14]. Although risk management practices have been developed over time and in various sectors to meet diverse needs, the adoption of a consistent process in a comprehensive framework to help ensure that risks are managed effectively, efficiently and coherently throughout the organization. For any standard, including risk management standards, there are pros and cons about the benefits of applications for organizations, businesses and customers. Some pros and cons of implementation, without entering details because most of the time has been clearly explained below as shown in Table 1.
To apply the standard on risk management, many steps must be taken. This will provide clear responsibilities in the implementation of their corporate standards that enable measurement of progress of corporate implementation and transparency usually Increase community participation [15]. The steps to be followed in applying the risk management standards are described in this Table and in accordance with the entire process presented as shown in Fig. 1.
A. Identification of Risk. Support of the level executive management or buy-in to apply their standard including resources. People who have good knowledge of organizational processes because of good communication writing skills should be included as a committee member (positions may be played by the Quality / Knowledge Manager).
B. Risk Analysis. Implementation Plan that describes the process of activities and skills required. Analyze to determine the size of a risk by considering the possibility of occurrence and the magnitude of the consequences C. Risk Planning. Provide Technical Training or Support. Organize activities for the purpose of implementing risk management. Ensure that all their standard processes are aligned with the organization process.
D. Risk Monitoring. Develop risk management documents (policies, plans, processes and work instructions). Obtain management approval for all processes of their document implementation. Pros. This improves the performance of the organization in reduce the risk to their analysis. Supports the system risk management for reviewing each production as a general. These ensure a products systems safe, reliable also implementing purpose of the company (fit-for-purpose). It can improve practice business management. Save businesses time, money also create the business processes to be efficient. It provides a set of complete components to determine the risk. Provisions to assess their performance. It supports management decision-making process.
Cons. This involves additional costs (training, implementation, tools). It does not provide a clear answer to aspects of the organization or certain business. They don't have a suitable guideline to support their decision process. It needs to be revised quickly in response to changes in their business situation. Don't offer level of the same qualification for international trade, because ISO standards' with the existing certificate process. It may not guarantee the effectiveness of their risk management. Source: C. Preda, "Implementing a Risk Management Standard," [15] Serumena, Santoso,& Kristyanto Journal of Information Systems Engineering and Business Intelligence, 2019, 5 (1), 93-99 95 E. List of Potential Risk Feedback from potential Risk refers to threats or damage that may occur in a business strategy. When a business company conducts operations in certain industries and in certain markets, they face potential risks.
F. Risk avoidance and contingency plans. Implement risk management process or strategy (probation). Contingency planning is a planning step that must be taken when the risk occurs, the risks that occur are generally referred to as problems that will be managed because they occur without pre-planning.
G. Risk Assessment. (Internal audit) Overview for each management. the process of security checks with a certain structure, making a specific recommendation, and recommendations for decision making in a project by using risk analysis, risk estimation, and other information that has the potential to influence decisions Risk management and information security have become critical practices in both the federal and private industry space, through skills from leadership, management is able to create an environment with people who are fully engaged in the organization, with the risk management system operating effectively [15]. The highest management must demonstrate its commitment or determination to implement risk management standards. It is important to note that training or awareness is essential in applying risk management standards. Information technology (IT) has become the most powerful weapon for managers to formulate and implement business strategies [15,16]. Without the support of information systems, most of the business strategy cannot be done. The real power of IT may be embodied in an Organization only if aligned properly to support the organization's core business strategy [17]. In the same case, it has become difficult or impossible to separate the discipline of logistics management and logistics information management. The development and widespread use of IT in business has changed the way of the organization is managed and thus has made a lot of conventional management approaches obsolete [18].

III. RESULTS
The In this study, we have researched the activities of the Company's strategy, then Fig. out the differences that occur in the outline of the management structure for the outcomes of their entire supply chain network. Assuming that this strategy can have an important effect on supply chain management positions. We have tested and perceived every risk of their strategy in an effective way, i.e., company strategy in purchasing and production, logistics and transportation, shipping and processing of raw materials [15].

A. Research Data Model
Empirical analysis was conducted through a survey to 33 different sources of firms, after which we concluded that the more member companies involved in the chain, the more complex the management strategy that needs to be built is the flow of products and services, the flow of money and the flow of documents. Management of data and information attached to each entity, will vary with the flow of the three entities [19]. Because these three streams originate from the "upstream" to downstream positions of the Supply Chain, which allow two of them to be beyond the reach of the Company, they must focus on their data and information management to be interconnected and well-integrated [20]. In this paper, we focus on the areas of product and service flow, money flow and document flow as the first step between SCM and the interrelated Risk Management. Because nearly 70% of the risks that arise in the supply chain management of the company are due to these three things. The notion which includes the supervision of capital, liquidity, and exposure in both the investment business, corporate strategy and trading business [21]. And according to has discussed the process of corporate 96 responsibility in the balance of strategy, stakeholders, public response, consumer representation and public participation [22]. The notion that the peak of the firm's strategy generally avoids risk and facilitates their risk management efforts [23].

B. Result Data Model
In this study, we define Information Systems (IS) and Information Technology (IT) in their companies that contribute to their supply chain process (e-supply Chain) by enhancing their company's strategy in communicating [24], distributing information, improving company productivity, optimizing raw material resources and reducing transportation travel. With the expectation that this concept is based on a classical and mechanistic basis, and this strategy can minimize risk to as little as possible from before [25] as show in Fig. 2.

1) Risk Management.
We use this concept, because the real long-term processing strategy in business can be seen as a possible opportunity to choose the potential of many negative risks and potential positive risks in the supply chain. We evaluate four main processes of companies that are generally involved in risk management. This process is based on the experience of 2 managers of corporate management [26]. Estimates Risk probabilities in a firm's strategy may be rated as very low, our analysis of the previous (<10%), low (10-25%), medium (25-50%), high (50-75%) or very high (> 75%). This is a challenge for the first stage we do in identifying the risks of each of their strategies. This relates to the possible risk effects of their supply chain strategy to improve financial returns. We analyze and demonstrate that investing in IT can minimize some common sources of risk(see Table  2), because if a potential supply chain strategy does not receive a minimum score, management may decide not to work on and resolve it or take action to reduce risk before investing too much time or Material [27].
2) Risk in IT strategy. In our reference, the Standish Group develops specific questions for each success criterion in helping to decide the number of points to be set for a strategy. Then we analyze important point that should be in Priority Company contained in Table 3. Periodic application to this company will provide space for them to be able to improve any their company's management systems. The main output of our risk management plan is the risk management plan And mitigation, the plan that documents the procedures for managing risk across the company's Supply Chain strategy (IT Success Potential and Criterion (User Involvement, Executive Management support, Clear Statement of Requirements, Proper Planning, Realistic Expectations).

3) Supply Chain (SCM) in Enterprise Information Systems.
The concept of supply chain management demonstrates the existence of a process of interdependence between various related companies within a business system. According to us in this case, the more companies involved in the chain, the more complex the management strategy needs to be built. Three streams of entities that must be well managed. (The flow of products and services, the flow of money, and the flow of document) The essence of managing these three physical entities, managing data and the information attached to each entity, and which varies with the flow of the three entities. The main task of the enterprise information system. Collect, create and process raw data derived from transactions or business activities so as to become useful information and knowledge for stakeholders (those concerned) [28]. Storing and disseminating any such data, information and knowledge to anyone in need, especially internal company management and staff, business partners, customers, and other stakeholders outside the company [29].

1) Enterprise Information System Architecture
Building a good integrated corporate information system architecture can begin by looking at anyone who needs the Technology. Building a good integrated corporate information system architecture can start by looking at who needs the technology in the company. The following analysis of the use of SI architecture components in the company from 2015 to 1026 and above, can be explained as show in Fig. 3.

IV. DISCUSSION
In this study, we developed a theoretical framework to investigate the effects of risk management on the Company's performance by using questionnaires for each response to the supply chain that has evolved with the strategy. Information systems of companies that have considerations in making corporate decisions to compete in the business market. This is because we see broadly that human resources cannot be aligned with natural resources, so many of these companies do not find opportunities to compete with others. The tangible results of the three combined combinations of Risk Management strategy, SCM and enterprise information flows, were able to minimize the company's business failures, and showed that this strategy was almost 80% having a positive impact, as the results in 2017 found a significant increase in their companies, from information systems by HRD to the implementation of supply chain strategy to each of their suppliers (see Table  4 and 5) Normality testing is done with the aim to be able to assess the distribution of data or variables that are done on this research can be used or not. And Classical assumption analysis is done to assess an Ordinary Least Square (OLS) linear regression model on this problem. This test is useful in determining whether the data collected is normally distributed or not.  Fig. 4. shows that the coordinates point around the diagonal line and follow the diagonal shape so that the research data is declared to be normally distributed. The tolerance value of the variables of time, cost, employee, communication and procurement is greater than 0.10, and the VIF value of all variables is less than 10 so that all independent variables do not occur multicollinearity.
The time variable has no effect on risk management because the significance value = 0.530 is greater than 0.05 or 5%. Cost variables have a positive and significant effect on risk management because the value of the coefficient is 0.488 and its significance = 0.007 is smaller than 0.05 or 5%. Employee variables have no effect on risk management because the significance value = 0.404 is greater than 0.05 or 5%. Communication variables have no effect on risk management because the significance value = 0.136 is greater than 0.05 or 5%. 99 Procurement variables have a positive and significant effect on risk management because the coefficient value is = 0.817 and its significance = 0,000 is greater than 0.05 or 5%.

V. CONCLUSIONS
In this study, we developed a theoretical framework to investigate the effects of risk management on the performance of the Company with a strategy of information systems of the company that had a consideration in making decision to compete in the business market, we took this step because we saw that human resources could not be harmonized with natural resources, many of these companies did not find opportunities to compete with others. The tangible results of the combination of the three Risk Management strategies, SCM and company information flow were able to minimize the company's business failures and show that this strategy of almost 80% had positive impact because the results in 2017 found a significant increase in their companies, from the information systems to the implementation of supply chain strategies for each of their suppliers.