Article Per Year (5 Year)
p-Index From 2021 - 2026
0.408
P-Index
This Author published in this journals
All Journal Sistemasi: Jurnal Sistem Informasi Indonesian Treasury Review: Jurnal Perbendaharaan, Keuangan Negara dan Kebijakan Publik International Journal of Social Science, Educational, Economics, Agriculture Research, and Technology (IJSET)
Yudho Giri Sucahyo
Universitas Indonesia
Agriculture, Biological Sciences & Forestry Humanities Computer Science & IT Economics, Econometrics & Finance Education Electrical & Electronics Engineering

Published : 3 Documents Claim Missing Document
Claim Missing Document
Check
Articles

Found 3 Documents
Search

 1 
Manajemen Risiko Keamanan Informasi pada Sistem Aplikasi Keuangan Tingkat Instansi (SAKTI) Kementerian Keuangan Eko Supristiowadi; Yudho Giri Sucahyo
Indonesian Treasury Review: Jurnal Perbendaharaan, Keuangan Negara dan Kebijakan Publik Vol 3 No 1 (2018): Indonesian Treasury Review: Jurnal Perbendaharaan, Keuangan Negara, dan Kebijakan
Publisher : Direktorat Jenderal Perbendaharaan, Kementerian Keuangan

Show Abstract | Download Original | Original Source | Check in Google Scholar | Full PDF (621.802 KB) | DOI: 10.33105/itrev.v3i1.20

Abstract

The aim of this study is to make information security risk management for SAKTI. The reason behind the study is SAKTI still does not have any tool to ensure the availability and continuity of SAKTI services. In order to make information security risk management for SAKTI, this study using the guidelines from several frameworks such as of ISO 27005 and NIST SP 800-30. The output of this study is the security risk management information for SAKTI, that contains the process of risk identification, selection of controls to mitigate risk, and acceptance of risk by risk owners. Abstrak Penelitian ini bertujuan untuk menyusun manajemen risiko keamanan informasi Sistem Aplikasi Keuangan Tingkat Instansi (SAKTI). Hal yang melatarbelakangi dilakukannya penelitian ini adalah karena SAKTI belum memiliki perangkat yang dapat memastikan keberlangsungan dan ketersediaan layanan SAKTI. Penelitian ini menggunakan beberapa standar seperti ISO 27005 dan NIST SP 800-30. Keluaran dari penelitian ini adalah sebuah manajemen risiko keamanan informasi SAKTI, yang di dalamnya terdapat proses identifikasi risiko, pemilihan kontrol untuk memitigasi risiko, dan penerimaan risiko oleh pemilik risiko.
Analysis of Government Employees’ Information Security Awareness: A Case Study of Pusinfowas BPKP Basrah Nasution; Setiadi Yazid; Yudho Giri Sucahyo
Sistemasi: Jurnal Sistem Informasi Vol 15, No 4 (2026): Sistemasi: Jurnal Sistem Informasi
Publisher : Program Studi Sistem Informasi Fakultas Teknik dan Ilmu Komputer

Show Abstract | Download Original | Original Source | Check in Google Scholar | DOI: 10.32520/stmsi.v15i4.6259

Abstract

The utilization of information technology as a tool that is widely believed to facilitate business processes within organizations is inseparable from challenges related to information security threats. According to the 2024 cyber incident report issued by the National Cyber and Crypto Agency (BSSN), data exposure threats accounted for 58.34%, with most incidents originating from the government administration sector. Humans are considered the weakest link in information security; therefore, the primary effort to improve security can begin with measuring the level of security awareness. Among the various work units within BPKP, Pusinfowas, as the central information technology management unit, is considered an appropriate sample for evaluation and is expected to contribute to improving information security awareness across other units. This study employs the Human Aspects of Information Security Questionnaire (HAIS-Q) model to measure the level of information security awareness among employees at Pusinfowas. The HAIS-Q model consists of three dimensions—knowledge, attitude, and behavior—and seven focus areas: password management, email use, internet use, social media use, mobile device use, information handling, and incident reporting. The results indicate that employees’ information security awareness is at a “Good” level, with scores ranging between 80% and 100% across all HAIS-Q dimensions and focus areas.
SECURITY ANALYSIS OF SUPERAPPS PUSAKA USING OWASP AND ISSAF Abdul Rozak Nurdiansyah; Setiadi Yazid; Yudho Giri Sucahyo
International Journal of Social Science, Educational, Economics, Agriculture Research and Technology (IJSET) Vol. 5 No. 7 (2026): JUNE
Publisher : RADJA PUBLIKA

Show Abstract | Download Original | Original Source | Check in Google Scholar

Abstract

Pusaka Super Apps is an integrated digital platform owned by the Ministry of Religious Affairs of the Republic of Indonesia (Kemenag) that provides various religious services for millions of users. Along with the increasing reliance on government digital services, threats to information system security are becoming more complex. This study conducts a security assessment of the Pusaka Super Apps web application ( https://pusaka-v3.kemenag.go.id ) using two complementary frameworks, namely OWASP Top 10 2025 and the Information Systems Security Assessment Framework (ISSAF). The research method is qualitative descriptive with black-box testing and gray-box testing approaches that include the stages of reconnaissance, scanning, enumeration, vulnerability assessment, and impact analysis. The results of the study identified several medium vulnerabilities, including Content Security Policy Header Not Set, Missing Anti-clickjacking Header, and Missing Sub Resource Integrity Attribute. This study provides structured remediation recommendations and serves as a contribution to efforts in strengthening cyber security for government applications in Indonesia.
Co-Authors Abdul Rozak Nurdiansyah Basrah Nasution Eko Supristiowadi Setiadi Yazid, Setiadi