In modern digital era, all organizations are completely dependent on Computers and related devices. For that reason, it is mandatory for the organization to manage computer security in order to run smoothly. This paper discusses a case study of Seiyun Community College (SYNCC) for managing computer security, analyzing the risk and threat to the organization's computer system. This case study is performed using the data collection method from the archives. The findings show that SYNCC is lacking in computer system security behind ISO 31000:2009 standard which leads to failure in running the organisation. Finally, from the analysis, it is recommended that SYNCC develop a security plan to cover all the aspects of the information and communication technology. Educating the users is also needed in order to implement the security policy.