ANALYSIS OF RELIGIOUS COURT INFORMATION SECURITY RISK MANAGEMENT USING THE OCTAVE ALLEGRO METHOD (CASE STUDY OF KEDIRI CITY)

Cintya Risquna Risquna
Rahmat Yasirandi
Rio Guntur Utomo


DOI: https://doi.org/10.29100/jipi.v7i4.3213

Abstract


Ease of access can be pros and cons for all information system applications, because it increases the possibility of someone hacking the information system. Therefore, a risk assessment or risk assessment of information systems is needed to identify and understand the risks involved in accessing them. One of the risk assessment methods that analyzes the risk profile of information assets using the OCTAVE Allegro method. The purpose of this study was to determine the results of the analysis of security risk management on information systems at the Religious Courts of the City of Kediri. The recommendation process is a follow-up to the risk assessment in the form of controls in ISO/IEC 27002:2013 which focuses on clause 9. Access Control. This research uses a literature study approach . The literature review was carried out by looking for references to information security risk management analysis using the OCTAVE Allegro method, research material books and research journals to assist in the preparation of this research proposal. The theory taken from the reference mainly refers to the OCTAVE Allegro method. Based on the results of the research conducted, the researchers got 10 areas of attention that will be given control recommendations based on ISO/IEC 27002:2013.

Keywords


IT Risk

Full Text:

PDF

Article Metrics :

References


BSN, H. (2017, April 11). Keamanan Informasi Dalam Era Digital. Retrieved from Bsn : https://bsn.go.id/main/berita/detail/8331/keamanan-informasi-dalam-era-digital

daon001. (2016, Maret 31). Kesadaran Keamanan Informasi Masih Lemah. Retrieved from Kominfo: https://kominfo.go.id/content/detail/7190/kesadaran-keamanan-informasimasih-lemah/0/berita_satker

Informasi, T. D. (2011). Panduan Penerapan Tata Kelola Keamanan Informasi Bagi Penyelenggara Pelayanan Publik. Direktorat Keamanan Informasi Kementerian Komunikasi dan Informatika RI .

Caralli, R. A. (2007, May). Introducing OCTAVE Allegro: Improving the Information Security Risk Assessment Process. US: Carnegie Mellon University.

Peltier, Thomas E. (2005).Information Security Risk Analysis (2nd ed.). Boca Raton, FL., USA: CRC Press, Taylor & Francis Group. Peltier, Thomas E. (2005).Information Security Risk Analysis (2nd ed.). Boca Raton, FL., USA: CRC Press, Taylor & Francis Group.

Hughes, G. 2006. Five Steps to IT Risk Management Best Practices. Risk Management, Vol 53, Issue 7. 34.