{"title":"Information Technology Security Risk Management using the OCTAVE-S Method","authors":"Lutfi Rahmawati, Kristoko Dwi Hartomo","doi":"10.32520/stmsi.v12i3.3122","DOIUrl":null,"url":null,"abstract":"The Salatiga City Population and Civil Registration Office is a regional device organization that already uses information technology in its business processes. Although they have taken advantage of the information system, they have not yet conducted an assessment of risk threats and have not run a risk management. The source of the problem is a problem in implementing risk measurement and management techniques using the Octave-S method that focuses on organizations with no more than 100 members. This technique is used to identify and analyze threats to critical assets in Salatiga City Population and Civil Registration Service. The results of analysis of such threats will be useful when performing mitigation plans in accordance with existing security practices. From the research that has been conducted, there are 2 areas of security practice that produce yellow stoplight status which is a sign that the organization has implemented security practices but is not yet perfect. Both areas of security practice will be selected as mitigation areas.In","PeriodicalId":32357,"journal":{"name":"Jurnal Sistem Informasi","volume":"48 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2023-09-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Jurnal Sistem Informasi","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.32520/stmsi.v12i3.3122","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0
Abstract
The Salatiga City Population and Civil Registration Office is a regional device organization that already uses information technology in its business processes. Although they have taken advantage of the information system, they have not yet conducted an assessment of risk threats and have not run a risk management. The source of the problem is a problem in implementing risk measurement and management techniques using the Octave-S method that focuses on organizations with no more than 100 members. This technique is used to identify and analyze threats to critical assets in Salatiga City Population and Civil Registration Service. The results of analysis of such threats will be useful when performing mitigation plans in accordance with existing security practices. From the research that has been conducted, there are 2 areas of security practice that produce yellow stoplight status which is a sign that the organization has implemented security practices but is not yet perfect. Both areas of security practice will be selected as mitigation areas.In
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
