Risk Assessment Technology on the Application of Admission of New Students in High School

Abstract

The rapid development of technology makes almost all service activities use information technology, including service activities in schools. One of the services provided by the school is to facilitate prospective students who are interested in registering as new students at school by building an open source-based new student registration application so that prospective students can register anywhere without having to come to school directly. The use of this application has several technological obstacles such as the system being locked due to being hacked by hackers, phishing, attacks from viruses, attacks from previous people who know the security of data from a computer system, unstable computer networks that affect the operational process to be slow, and low level of computer security. The purpose of this study is to provide recommendations for controlling the risk of using information technology in new student registration applications so as to minimize future losses to schools by measuring the likelihood and impact of using computer technology. The risk assessment model uses the NIST SP 800-30r1 framework, which is used as a tool to measure how big is the threat level and the impact caused by attacks that attack the application. The NIST SP 800-30r1 framework has stages such as recognizing system characteristics, threats, vulnerabilities, analyzing system handling, determining likelihood, determining impact, risk determination, recommending control, and determining results. The results of this study were used as recommendations to minimize losses obtained by schools and as a benchmark for controlling the risk of using technology to improve the quality of schools.
 Keywords: risk assessment technology, admission, high school