RRI uses the Information System of Human Resources (SIMPEG), which is used by the RRI Public Broadcasting Institution (LPP RRI), to access personnel data. During the operation of SIMPEG RRI, the system has never been subjected to risk management and there are several problems such as power outages, full backup server storage, and server down because the hardware used is outdated so its use is less than optimal which causes SIMPEG RRI to be inaccessible. Therefore, this study will discuss the system's risk assessment to avoid other risks that have a negative impact on SIMPEG RRI. This study uses the NIST SP 800-30 method for risk assessment and the NIST SP 800-53 Rev 5 method for control recommendations. In conducting this risk assessment, the author collects data and information using qualitative methods, which is assisted by a questionnaire as a tool to support interviews and observations. After the risk assessment analysis was carried out, it was found that there were 10 Moderate risks and 6 Low risks. Control recommendations are arranged based on risk levels of 18 control groups with the number of moderate risk control recommendations being 12 control groups and low risk recommendations being 6 control groups.
Copyrights © 2026