Kajian Manajemen Risiko Sistem Informasi Menggunakan Metode Octave Allegro
Abstract
Abstrak. Berbagai ancaman yang timbul pada sistem informasi membuktikan pentingnya keamanan sistem informasi sehingga untuk melindunginya diperlukan pengelolaan yang tepat dan akurat. Salah satunya dengan menerapkan manajemen risiko yang bertujuan untuk meminimalisir ancaman kerusakan dan ekspoitasi terhadap sistem informasi perusahaan. Artikel ini bertujuan untuk mengidentifikasi dan menganalisis risiko dan dampak yang timbul pada sistem informasi PT. XYZ, serta mengidentifikasi langkah-langkah potensial sebagai upaya mitigasi. Pengumpulan data dilakukan melalui wawancara dan observasi. Data yang dihasilkan berupa data kualitatif dengan menghasilkan pendekatan mitigasi terhadap risiko sistem informasi. Selanjutnya data yang diperoleh diolah dengan menggunakan metode OCTAVE Allegro. Hasil menunjukkan impact area financial memiliki nilai prioritas paling tinggi. Sementara data budgeting menjadi salah satu informasi data paling penting dalam aspek financial. Analisis risiko terhadap data budgeting menghasilkan 8 areas of concern, 6 diantaranya dapat menimbulkan kerugian yang besar sehingga diperlukan pembangunan langkah untuk memitigasinya.
Kata kunci: Data budgeting; Keamanan sistem informasi; Manajemen risiko; OCTAVE Allegro
Abstract. Various threats which arise in the information system prove the importance of information system security. To protect it, proper and accurate management is needed. Risk management implementation aims to minimize the threat of damage and exploitation to the company's information system. This study aimed to identify and analyze the risks and impacts which arise on the information system of PT. XYZ, as well as identified potential measures as mitigation efforts. Qualitative data were obtained through interviews and observations. Data analysis was conducted using the OCTAVE Allegro method. Results showed the financial impact area had the highest priority value. Meanwhile, budgeting data was one of the most crucial data information in the financial aspect. The risk analysis of budgeting data resulted in 8 areas of concern, 6 of which can cause losses, so mitigation approaches are needed to minimize the impact of risk.
Keywords: Budgeting data; Information system security; Risk management; OCTAVE Allegro
References
E. Handoyo, R. Umar, I. Riadi, "Analysis Security of SIA Based DSS05 on COBIT 5 using Capability Maturity Model Integration (CMMI)", Scientific Journal of Informatics. vol. 6, no. 2, pp. 193–202, 2019. doi: 10.15294/sji.v6i2.17387
M. Sukri, I. Riadi, "Risk Management Analysis on Administration System using OCTAVE Allegro Framework", Int. J. of Computer Applications, vol. 174, no. 17, pp. 5–11, 2021. doi: 10.5120/ijca2021920981
D.A. Jakaria, R.T. Dirgahayu, Hendrik, "Manajemen Risiko Sistem Informasi Akademik pada Perguruan Tinggi menggunakan Metoda Octave Allegro", In: Seminar Nasional Aplikasi Teknologi Informasi. Yogyakarta: Universitas Islam Indonesia; pp. 37–42, 2013.
A.M. Suduc, M. Bîzoi, F.G. Filip, "Audit for Information Systems Security", Informatica Economica, vol. 14, no. 1, pp. 43–48, 2010.
M. Jouini, L.B.A. Rabai, A. Aissa, "Classification of Security Threats in Information Systems", Procedia Computer Science. vol. 32, pp. 489–96, 2014. doi: 10.1016/j.procs.2014.05.452
M. Zineddine, "Vulnerabilities and Mitigation Techniques Toning in The Cloud: A Cost and Vulnerabilities Coverage Optimization Approach using Cuckoo Search Algorithm with Lévy Flights", Computers & Security, vol. 48, pp. 1–18, 2015. Available from: 10.1016/j.cose.2014.09.002
J.S. Suroso, S.M.N. Rahaju, Kusnadi, "Evaluation of IS Risk Management using Octave Allegro in Education Division", In: 2018 International Conference on Orange Technologies, ICOT 2018. Bali: IEEE; pp. 1–8, 2018. doi: 10.1109/ICOT.2018.8705866
M.E. Whitman, H.J. Mattord, Principles of Information Security. 4th ed. Boston: Thomson Course Technology, 2012.
J.S. Suroso, M.A. Fakhrozi, "Assessment of Information System Risk Management with Octave Allegro at Education Institution", Procedia Computer Science, vol. 135, pp. 202–213, 2018. doi: 10.1016/j.procs.2018.08.167
W. Sardjono, C. muhamad, "Information Systems Risk Analysis using Octave Allegro Method Based at Deutsche Bank", In: International Conference on Information Management and Technology (ICIMTech). Jakarta: IEEE, pp. 38–42, 2018. doi: 10.1109/ICIMTech.2018.8528108
E.B. Wagiu, R. Siregar, R. Maulany, "Information System Security Risk Management Analysis in Universitas Advent Indonesia Using Octave Allegro Method", In: International Scholars Conference Proceedings. Bandung: ISC; pp. 1741–50, 2019. doi: 10.35974/isc.v7i1.1387
J. Hom, B. Anong, K.B. Rii, L.K. Choi, K. Zelina, "The Octave Allegro Method in Risk Management Assessment of Educational Institutions", Aptisi Transactions on Technopreneurship (ATT). vol. 2, no. 2, pp. 167–79, 2020. doi: 10.34306/att.v2i2.103
R.A. Caralli, J.F. Stevens, L.R. Young, W.R. Wilson, "Introducing Octave Allegro: Improving the Information Security Risk Assessment Process", Pittsburgh: Carnegie Mellon University, 2007.
Rosini, M. Rachmaniah, B. Mustafa, "Penilaian Risiko Kerawaran Informasi dengan Menggunakan Metode Octave Allegro", J. Pustakawan Indonesia, vol. 14, no. 1, pp. 14–22, 2016. doi: https: 10.29244/jpi.14.1.%25p
K. Abdullah, I.N. Isnainiyah, M.I. Faried, "Risk Management Analysis on Organizational Website using Octave Allegro Method", In: Proceedings - 2nd International Conference on Informatics, Multimedia, Cyber, and Information System, ICIMCIS 2020. Jakarta: IEEE; pp. 201–206, 2020. doi: 10.1109/ICIMCIS51567.2020.9354298
How To Cite This :
Refbacks
- There are currently no refbacks.
