Information System Security Risk Management Analysis in Universitas Advent Indonesia Using Octave Allegro Method

Abstract

Universitas Advent Indonesia is one of the many universities that use information technology
to support their business processes in the hope that information technology will provide
significant benefits. The use of information technology in supporting a business can not be
separated from the risks that might be faced. for that, good management of information
technology will be the key to how much risk will be faced. In this case, the researcher will
conduct an analysis of information system risk management at the Universitas Advent
Indonesia. The method used by researchers is OCTAVE ALLEGRO. OCTAVE ALLEGRO
is a method that is often used to carry out analysis in the field of risk management and risk
assessment. The purpose of this study was to identify risks that could potentially threaten
business processes at Universitas Advent Indonesia by first identifying the impact of the area,
determining the scale of priorities etc. The results of the study using OCTAVE Allegro is a
risk reduction approach for each area of concern of each UNAI critical information asset
namely student financial information, lecturer financial information, student score
information, student transcript information, and class attendance data. UNAI makes written
rules regarding responsibilities in maintaining information security and sanctions for violators
and do socialize about the rule well gradually to Universitas Advent Indonesia employees.
Re-evaluate information security by using OCTAVE Allegro method periodically, for
example, once every 2 years.