Abstract
Security audit and risk management can be done using standard framework. NIST is one of the framework which usually used to identify the security and risks on information system. The assessment is done to the security and risk in academic information system at Univeristas Sangga Buana (USB) Bandung that it is expected to minimize the risks occurs to the academic information system. The result of security audit on academic information system with NIST SP 800–26 framework shows the security on the system has the whole score as big as 72.43%. the score is obtained from the calculation of 3 categories tested namely Management Control, Operational Control, and Technical Control. Based on the data, the security of information system in USB belongs to level 3, Implemented Procedures and Controls. Risk management is done using some stages on NIST SP 800–30, with the help of Acunetix Scanning Application. Based on the result of scanning using Acunetix, academic information system at USB has 600 pieces of vulnerabilities. These vulnerabilities divided into 4 levels of vulnerability, namely 4 pieces of high level of vulnerabilities, 40 pieces of medium level of vulnerabilities, 13 pieces of low level of vulnerabilities, and 543 pieces of informational vulnerabilities
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
