The application of IT offers many benefits in the company's business processes. Such as contribute to added value, excellent service, effective and efficient business operations. In addition to providing various benefits for business development, IT also has risk that must be managed optimally. This study aims to measure the level of risk management capabilities of the Syariah Cooperative Information System at KSPPS XYZ, the target level of capability and make a contribution to improvement. Measurement of the level of capability in risk management is done by using COBIT 5 domains EDM03 (Ensure Risk Optimisation) and APO12 (Manage Risk). Based on the measurements that have been made, domains EDM03 and APO12 capability levels are currently at level 0 (incomplete), while domains EDM03 and APO12 capability targets are level 3 (established). To achieve the capability level target, risk management approval is proposed for the KSPPS XYZ Syariah Cooperative Information System.

Astuti, H. M., Muqtadiroh, F. A., Wahyu, E., & Darmaningrat, T. (2018). ScienceDirect Risks Assessment of Information Technology Processes Based on COBIT 5 Framework : A Case Study of ITS Service Desk. Procedia Computer Science, 124, 569–576. https://doi.org/10.1016/j.procs.2017.12.191.

Gibson, D. (2014). Managing Risk in Information Systems (1st ed.). Canada: Jones & Bartlett Learning.

Andry, J. F. (2016). Audit of IT Governance Based on COBIT 5 Assessments : A Case Study. TEKNOSI, 02(02), 27–34.

ISACA. (2012). A Business Framework for the Governance and Management of Enterprise IT. USA. Retrieved from www.isaca.org.

Lestari, R. (2014). Audit Sistem Informasi Bagian Sumber Daya Manusia Pada PT Bando Indonesia Dengan Pendekatan COBIT 5. Universitas Esa Unggul. Retrieved from https://digilib.esaunggul.ac.id

Siburian, N. W. (2015). Pengukuran Tingkat Kapabilitas Tata Kelola Teknologi Informasi Menggunakan Kerangka Kerja COBIT 5: Studi Kasus Direktorat Metrologi Kementrian Perdagangan. Universitas Indonesia.

Yulhendri. (2017). IT Governance Assesment Menggunakan COBIT 5 di Bank XYZ. Universitas Esa Unggul. Retrieved from https://digilib.esaunggul.ac.id.

Arief, M. H. (2018). Evaluasi Manajemen Risiko Teknologi Informasi Menggunakan Kerangka Kerja COBIT 5 ( Studi Kasus Pada Perum Jasa Tirta I Malang ). Jurnal Pengembangan Teknologi Informasi Dan Ilmu Komputer, 2(1).

ISACA. (2012). Enabling Processes. USA. Retrieved from www.isaca.org

Indonesia. Undang-Undang Nomor 25 Tahun 1992 Tentang Perkoperasian, Pub. L. No. 25, 1 (1992). Indonesia.

Sekretariat, K. K. dan U. (n.d.). Kementrian Koperasi dan Usaha Kecil dan Menengah Republik Indonesia. Retrieved July 22, 2019, from http://www.depkop.go.id/

Setyaningrum, N. D., & Kusyanti, A. (2018). Evaluasi Manajemen Risiko Teknologi Informasi Menggunakan Framework COBIT 5 ( Studi Kasus : PT . Kimia Farma ( Persero ) Tbk – Plant Watudakon ). Jurnal Pengembangan Teknologi Informasi Dan Ilmu Komputer, 2(1), 143–152.

Amanah, P. H. (2014). Pengukuran Kapabilitas Proses Pengelolaan Permintaan dan Insiden Layanan Teknologi Informasi dengan Framework COBIT 5 Studi kasus : PT. Pos Indonesia (Persero). Institut Teknologi Bandung.

Andry, J. F., & Christianto, K. (2018). Audit Menggunakan COBIT 4.1 dan COBIT 5 dengan Case Study (1st ed., p. 388). Yogyakarta: Teknosain.