Academic IS Risk Management using OCTAVE Allegro in Educational Institution

  • Vincentius Gerardo Bina Nusantara University
  • Ahmad Nurul Fajar Bina Nusantara University
Keywords: Academic IS, IS Risk Management, OCTAVE Allegro, OCTAVE Allegro Worksheets, Risk Management


Today, the use of technology is a common thing that is used to support everyday life. However, this technology also carries risks that can compromise the security of information in organizations. Kalbis Institute is a private campus in the East Jakarta area that has been established since 2012. The academic information system used there includes all actors in the campus environment. This risk analysis is carried out to see and understand what risks exist in the current information system. This risk analysis will assess how likely there are threats and vulnerabilities to information systems. This study uses the OCTAVE Allegro method with the help of the OCTAVE Allegro Worksheet. The purpose of this study is to conduct a risk analysis of the academic information system at Kalbis Institute. The result of this study is to look at risk assessments and recommendations for strategies to protect information systems within organization.


Download data is not yet available.


R. K. R. Jr, B. Prince, and C. Cegielski, Introduction to Information Systems: Supporting and Transforming Business. Don Fowley, 2014.

P. Hopkin, Fundamental of Risk Management, 4th Edition, no. 1. 2017.

C. Rowe, “What is Risk Management?” (accessed Apr. 02, 2021).

J. S. Suroso and M. A. Fakhrozi, “Assessment of Information System Risk Management with Octave Allegro at Education Institution,” Procedia Comput. Sci., vol. 135, pp. 202–213, 2018, doi: 10.1016/j.procs.2018.08.167.

J. Hom, B. Anong, K. B. Rii, L. K. Choi, and K. Zelina, “The Octave Allegro Method in Risk Management Assessment of Educational Institutions,” Aptisi Trans. Technopreneursh., vol. 2, no. 2, pp. 167–179, 2020, doi: 10.34306/att.v2i2.103.

J. S. Suroso, S. M. N. Rahaju, and Kusnadi, “Evaluation of IS Risk Management Using Octave Allegro in Education Division,” 2018 Int. Conf. Orange Technol. ICOT 2018, pp. 1–8, 2018, doi: 10.1109/ICOT.2018.8705866.

C. Alberts and J. Stevens, “Introduction to the OCTAVE approach,” no. August, pp. 121–129, 2010, doi: 10.1016/b978-0-7020-3055-0.00004-2.

R. a R. a. C. Caralli, J. F. Stevens, L. R. Young, and W. R. Wilson, “Introducing OCTAVE Allegro : Improving the Information Security Risk Assessment Process,” Young, no. May, pp. 1–113, 2007.

S. Amraoui, M. Elmaallam, H. Bensaid, and A. Kriouile, “Information Systems Risk Management: Litterature Review,” Comput. Inf. Sci., vol. 12, no. 3, p. 1, 2019, doi: 10.5539/cis.v12n3p1.

D. H. Stamatis, Introduction to Risk and Failures. 2014. doi: 10.1201/b16855.

D. Landoll, The Security Risk Assessment Handbook. 2016. doi: 10.1201/b10937.

E. Wheeler, Security Risk Management: Building an Information Security Risk Management Program from the Ground Up, vol. 31, no. 2. 2012. doi: 10.1016/j.cose.2011.12.011.

Abstract views: 121 times
Download PDF: 71 times
How to Cite
Gerardo, V., & Fajar, A. (2022). Academic IS Risk Management using OCTAVE Allegro in Educational Institution. Journal of Information Systems and Informatics, 4(3), 687-708.