CFP last date
20 May 2024
Call for Paper
June Edition
IJCA solicits high quality original research papers for the upcoming June edition of the journal. The last date of research paper submission is 20 May 2024

Submit your paper
Know more
The week's pick
Responsive image
Enhancing Privacy Preservation: Multi-Attribute Protection with P-Sensitive K-Anonymity

Twinkle Patel Kiran Amin
Random Articles
Reseach Article

Analysis of Risk Assessment on Electronic Services using OCTAVE Allegro Framework

by Eka Anggraini, Imam Riadi
journal cover thumbnail

International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 183 - Number 5
Year of Publication: 2021
Authors: Eka Anggraini, Imam Riadi
10.5120/ijca2021921273

Eka Anggraini, Imam Riadi . Analysis of Risk Assessment on Electronic Services using OCTAVE Allegro Framework. International Journal of Computer Applications. 183, 5 ( May 2021), 26-32. DOI=10.5120/ijca2021921273

@article{ 10.5120/ijca2021921273,
author = { Eka Anggraini, Imam Riadi },
title = { Analysis of Risk Assessment on Electronic Services using OCTAVE Allegro Framework },
journal = { International Journal of Computer Applications },
issue_date = { May 2021 },
volume = { 183 },
number = { 5 },
month = { May },
year = { 2021 },
issn = { 0975-8887 },
pages = { 26-32 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume183/number5/31924-2021921273/ },
doi = { 10.5120/ijca2021921273 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2024-02-07T01:19:53.372144+05:30
%A Eka Anggraini
%A Imam Riadi
%T Analysis of Risk Assessment on Electronic Services using OCTAVE Allegro Framework
%J International Journal of Computer Applications
%@ 0975-8887
%V 183
%N 5
%P 26-32
%D 2021
%I Foundation of Computer Science (FCS), NY, USA
Abstract

Awareness of the importance of information system security and its assets and impacts what might happen as a result of damage to the information system and its assets still seems to have not received the attention of most organizations. LIPI BPTBA correspondence services are managed using an information system that can manage correspondence services in the organization. This system is called TNDE (Electronic Service Manuscript Administration). TNDE allows for risks that can interfere with information assets and the main objectives of the organization but cannot be separated from problems so that it creates risks to security and information assets. This study aims to analyze risk management assessments using the framework Octave Allegro that organizations can determine risk priorities and create a mitigation approach to risks that may occur in TNDE services. Octave Allegro has four phases and eight stages, namely building risk measurement criteria, developing information asset profiles, identifying containers information asset, identifying areas of concern on aspects technical, physical, and people container, identifying threat scenarios, identifying risks, analyzing risks, and choosing an approach. Mitigate the risks that may occur. Based on the final results of interviews and risk assessments that have been carried out at the TNDE BPTBA LIPI Yogyakarta service, the results of the approach mitigate are 2, defer is 3, and accept is 2. The highest risk that needs to be prioritized is from the aspect physical container with a value of 32, while the smallest risk is a technical container with a value of 15. Thus this research that has been carried out can provide benefits for BPTPA LIPI Yogyakarta.

References
  1. NL Kuntari, YH Chrisnanto, and AI Hadiana, "Risk Management of Information Systems at Jenderal Achmad Yani University Using the OCTAVE Allegro Method," Semnati, pp. 551–558, 2018.
  2. ED Chairunis, "Analysis of Risk Assessment on EPrints Repository Services Using the OCTAVE Allegro Framework. Risk Assessment Analysis on EPrints Repository Services Using the OCTAVE Allegro Framework," no. September, 2019.
  3. P. Aristasari and I. Riadi, "Risk Management in a Learning Management System Using the OCTAVE Allegro Framework," pp. 1–15, 2011.
  4. M. Sukri, “Risk Management Analysis on Administration System using OCTAVE Allegro Framework,” pp. 1–6, 2020.
  5. JJL Tobing and AK Puspa, "Risk Management Analysis for Asset Evaluation Using the Octave Allegro Method," Expert J. Manaj. Sist. Inf. and Teknol., vol. 5, no. 1, 2015, doi: 10.36448 / jmsit.v5i1.719.
  6. MR Weitekamp, ​​"Management Information Systems," Portable Heal. Adm., pp. 109–136, 2003, doi: 10.1016 / B978-012780590-0 / 50047-X.
  7. AL Setyabudhi, "Designing a Web-Based Information System for Attendance Data Processing and Work Leave Letter Retrieval," JR J. RESPONSIVE Tek. Inform., vol. 1, no. 1, pp. 11–22, 2017, doi: 10.36352 / jr.v1i1.84.
  8. H. Ikhsan, N. Jarti, JTU Baja, P. Studi, T. Industry, and O. Allegro, "Information Technology Security Risk Analysis," vol. 2, no. 1, pp. 31–41, 2019.
  9. Catherine, Angela, C. Sylvia, and Handoko, “Risk Management Analysis of Electronic-Based Learning Systems,” Semin. Nas. Technol. Inf. and Commun. 2019 (SENTIKA 2019), no. June, pp. 9–18, 2019.
  10. RRP Lawoliyo, "Risk Management Analysis for the expansion of PLTU XXX UNIT X and Y 2x50 MW," 2018.
  11. B. Wijayantini, "Risk Management Approach Model," Jeam, vol. XI, no. 2, pp. 57–64, 2012.
  12. A. Novia Rilyani, YA Firdaus W ST, and DS Dwi Jatmiko, "Risk Management-Based Information Technology Risk Analysis Using ISO 31000 (Case Study: i-Gracias Telkom University) Information Technology Risk Analysis Based On Risk Management Using Iso 31000 (Case Study: i-Gracias Telkom University), ” e-Proceeding Eng., vol. 2, no. 2, pp. 6201–6208, 2015.
  13. Heru pratama, "Information System Security Audit at the Samsat Office in Krui City Using Cobit 5," vol. 2015, no. Sentika, 2018, doi: 10.31219 / osf.io / pkrej.
  14. Raden Budiarto, "Information System Security Risk Management Using Fmea And Iso 27001 Methods In Xyz Organizations," J. Comput. Eng. Syst. Sci., vol. 2, no. 2, pp. 48–58, 2017.
  15. AN Puriwigati and UM Buana, "Management Information Systems-Information Security," no. May, 2020.
  16. E. Handoyo, R. Umar, and I. Riadi, "Analysis Security of SIA Based DSS05 on COBIT 5 Using Capability Maturity Model Integration (CMMI)," Sci. J. Informatics, vol. 6, no. 2, pp. 193–202, 2019, doi: 10.15294 / sji.v6i2.17387.
  17. T. Wahyuni ​​and P. Harto, "Analysus of The Effect of Cooperate Governance and Company Characteristics on The Existence of Risk Management Commites (Case study of companies listing on the IDX for the period 2008-2010)," Diponegoro J. Account., vol. 1, no. 1, pp. 555–566, 2012.
  18. Setiono Winardi, “ISO 31000-2009,” pp. 4–7, 2009
  19. Alberts, CJ, & Dorofee, A., 2002. Managing information security risks: the OCTAVE approach. Addison-Wesley Longman Publishing Co., Inc.
  20. M. Rachmaniah and B. Mustafa, “Information Insecurity Risk Assessment Using the Octave Allegro Method,” J. Pustak. Indonesia., vol. 14, no. 1, 2015.
  21. BL Mahersmi, MF Artowini, and BC Hidayanto, "Information Security Risk Analysis Using OCTAVE Methods and Control 27001 at Dishubkominfo Tulungagung Regency," Semin. Nas. Sist. Inf. Indonesia., no. November, pp. 181–194, 2016.
  22. Arum, kalkim 2018. Risk Assessment Analysis Using Allegro Octave Framework Case Study of Library Management Information System SMA Muhammadiyah 1 Yogyakarta. Thesis, Information System, Ahmad Dahlan University, Yogyakarta.
  23. Caralli, RA, Steven, JF, Young, LR, & Wilson, RW 2007. Introducing OCTAVE Allegro: Improving the Information Security Risk Assessment Process. USA: Carnegie Mellon University Software Engineering Institute.
  24. Jakaria, D., R. Teguh Dirgahayu, and Hendrik. Risk Management of Academic Information Systems in Higher Education Using the OCTAVE Allegro Method. Seminar Nasional Aplikasi Teknologi Informasi (SNATI) 2013. Yogyakarta.
Index Terms

Computer Science
Information Sciences

Keywords

Risk Assessment OCTAVE Allegro Mitigation.

Powered by PhDFocusTM