Analisis Penilaian Risiko Terhadap Penggunaan Sistem Informasi Akademik Pada Universitas Muhammadiyah Palembang Menggunakan Metode Octave Allegro

Abstract

The development of technology in meeting information needs has been implemented at the Muhammadiyah University of Palembang where there are various information systems used in managing information as a basis for creating quality services and supporting optimization in the work process. However, apart from the perceived benefits, the increasing dependence on information systems is in line with the risks that can arise, one of which is the risk of information security where information is an important asset for an organization that needs to be protected and secured. As an effort to maintain and protect information security, it is necessary to carry out risk evaluation in order to identify and anticipate risks that can interfere with information security. This study aims to conduct a risk assessment analysis of the use of Academic Information Systems as a very crucial information system in a university. This risk assessment analysis uses the Octave Allegro method with the main focus on information assets which consists of 8 steps and is organized into 4 stages starting with determining drivers, developing information asset profiles, identifying threats, and identifying and mitigating risks. The results of this study are 10 (ten) areas of concern with a mitigation approach of 7 (seven) risks that must be reduced (mittigate), 2 (two) risks that can be deferred (defer), and 1 (one) risk. that can be accepted (accept). From the risk assessment carried out, recommendations are given to prevent / minimize the identified risks as an effort to maintain and improve information security.