Article Per Year (5 Year)
p-Index From 2020 - 2025
0.23
P-Index
This Author published in this journals
All Journal Jurnal Pengembangan Teknologi Informasi dan Ilmu Komputer
Ahmad Nur Kurniawan
Fakultas Ilmu Komputer, Universitas Brawijaya
Computer Science & IT Control & Systems Engineering Education Electrical & Electronics Engineering Engineering

Published : 1 Documents Claim Missing Document
Claim Missing Document
Check
Articles

Found 1 Documents
Search

 1 
Penerapan Manajemen Risiko Teknologi Informasi menggunakan Metode OCTAVE-S pada UPT Pusat Komputer Politeknik Negeri Malang Ahmad Nur Kurniawan; Buce Trias Hanggara; Suprapto Suprapto
Jurnal Pengembangan Teknologi Informasi dan Ilmu Komputer Vol 4 No 6 (2020): Juni 2020
Publisher : Fakultas Ilmu Komputer (FILKOM), Universitas Brawijaya

Show Abstract | Download Original | Original Source | Check in Google Scholar

Abstract

Malang State Polytechnic is a state university that is committed to the implementation and development of information technology. This commitment is realized with the existence of the Computer Center UPT (Puskom) as a unit responsible for technology. So far, the UPT Puskom has implemented ISO 9001: 2008 as a supplier service management standard. Regarding security responsibilities for the requirements of ISO 9001: 2008. However, this aspect of risk management is only a remedial program related to nonconformities. With the existence of risk management, this information is expected to strengthen the risk management aspects. Can reduce the risk that occurs. Based on the existing problems, it is necessary to do risk management using the OCTAVE-S method. This method uses the knowledge of UPT Puskom staff on the organization's security practices and processes, as well as evaluating the current security at the UPT Puskom. In applying the OCTAVE-S method, an interview process is needed to request information about the current Puskom requirements, find out important assets, as well as infrastructure related to important assets. Meanwhile, the questionnaire was carried out to implement the security practices that have been applied by the Center at present. And observations made to obtain more information that has been obtained to strengthen the information. The results of this study prove that Puskom has 2 important assets, namely academic information systems and Puskom information systems. In addition, there are 5 areas out of 15 security practice areas at the UPT Puskom that do not meet OCTAVE-S standards. From this area, 2 security practice areas have yellow traffic light status, and 3 security practice areas have red traffic light status. Areas of security practice that do not meet OCTAVE-S standards are then mitigated. Based on the law, there are 4 mitigation points, the access control area is 4 mitigation points, the management area considers 3 mitigation points, the design & security architecture area is provided 1 mitigation point, the management area reports 3 mitigation points.
Co-Authors Buce Trias Hanggara Supraptoa Supraptoa