Academic IS Risk Management using OCTAVE Allegro in Educational Institution
Abstract
Today, the use of technology is a common thing that is used to support everyday life. However, this technology also carries risks that can compromise the security of information in organizations. Kalbis Institute is a private campus in the East Jakarta area that has been established since 2012. The academic information system used there includes all actors in the campus environment. This risk analysis is carried out to see and understand what risks exist in the current information system. This risk analysis will assess how likely there are threats and vulnerabilities to information systems. This study uses the OCTAVE Allegro method with the help of the OCTAVE Allegro Worksheet. The purpose of this study is to conduct a risk analysis of the academic information system at Kalbis Institute. The result of this study is to look at risk assessments and recommendations for strategies to protect information systems within organization.
Downloads
References
R. K. R. Jr, B. Prince, and C. Cegielski, Introduction to Information Systems: Supporting and Transforming Business. Don Fowley, 2014.
P. Hopkin, Fundamental of Risk Management, 4th Edition, no. 1. 2017.
C. Rowe, “What is Risk Management?” https://www.clearrisk.com/what-is-risk-management (accessed Apr. 02, 2021).
J. S. Suroso and M. A. Fakhrozi, “Assessment of Information System Risk Management with Octave Allegro at Education Institution,” Procedia Comput. Sci., vol. 135, pp. 202–213, 2018, doi: 10.1016/j.procs.2018.08.167.
J. Hom, B. Anong, K. B. Rii, L. K. Choi, and K. Zelina, “The Octave Allegro Method in Risk Management Assessment of Educational Institutions,” Aptisi Trans. Technopreneursh., vol. 2, no. 2, pp. 167–179, 2020, doi: 10.34306/att.v2i2.103.
J. S. Suroso, S. M. N. Rahaju, and Kusnadi, “Evaluation of IS Risk Management Using Octave Allegro in Education Division,” 2018 Int. Conf. Orange Technol. ICOT 2018, pp. 1–8, 2018, doi: 10.1109/ICOT.2018.8705866.
C. Alberts and J. Stevens, “Introduction to the OCTAVE approach,” no. August, pp. 121–129, 2010, doi: 10.1016/b978-0-7020-3055-0.00004-2.
R. a R. a. C. Caralli, J. F. Stevens, L. R. Young, and W. R. Wilson, “Introducing OCTAVE Allegro : Improving the Information Security Risk Assessment Process,” Young, no. May, pp. 1–113, 2007.
S. Amraoui, M. Elmaallam, H. Bensaid, and A. Kriouile, “Information Systems Risk Management: Litterature Review,” Comput. Inf. Sci., vol. 12, no. 3, p. 1, 2019, doi: 10.5539/cis.v12n3p1.
D. H. Stamatis, Introduction to Risk and Failures. 2014. doi: 10.1201/b16855.
D. Landoll, The Security Risk Assessment Handbook. 2016. doi: 10.1201/b10937.
E. Wheeler, Security Risk Management: Building an Information Security Risk Management Program from the Ground Up, vol. 31, no. 2. 2012. doi: 10.1016/j.cose.2011.12.011.
Download PDF: 1359 times
- I certify that I have read, understand and agreed to the Journal of Information Systems and Informatics (Journal-ISI) submission guidelines, policies and submission declaration. Submission already using the provided template.
- I certify that all authors have approved the publication of this and there is no conflict of interest.
- I confirm that the manuscript is the authors' original work and the manuscript has not received prior publication and is not under consideration for publication elsewhere and has not been previously published.
- I confirm that all authors listed on the title page have contributed significantly to the work, have read the manuscript, attest to the validity and legitimacy of the data and its interpretation, and agree to its submission.
- I confirm that the paper now submitted is not copied or plagiarized version of some other published work.
- I declare that I shall not submit the paper for publication in any other Journal or Magazine till the decision is made by journal editors.
- If the paper is finally accepted by the journal for publication, I confirm that I will either publish the paper immediately or withdraw it according to withdrawal policies
- I Agree that the paper published by this journal, I transfer copyright or assign exclusive rights to the publisher (including commercial rights)