Risk Analysis of Information Security in Balikpapan International Airport Service Desk Plus (SDP) Using The Octave Allegro Method

Novi Indrayani; Norma  Amalia

doi:10.47709/cnahpc.v5i2.2524

Authors

Novi Indrayani Mulia University
Norma Amalia Mulia University

DOI:

10.47709/cnahpc.v5i2.2524

Keywords:

Analysis, Risk, Security, SDP (Service Desk Plus), OCTAVE Allegro

Dimension Badge Record

Abstract

Indonesia, as a developing country, is not exempt from the advancements in information and communication technology. However, these advancements in information and communication technology can bring negative impacts, such as an increasing threat of misuse. SDP (Service Desk Plus) is a system that serves as a management tool for IT services, facilitating employees from various departments in requesting services and reporting ICT (Information Communication Technology) incidents. SDP has faced challenges or obstacles that have hindered its optimal use, such as IT services experiencing downtime, inaccessible ICT services, and SDP users frequently sharing usernames and passwords. Based on these threats, it is necessary to conduct a further analysis of information security risks regarding the security of implementing SDP centrally using the OCTAVE Allegro method. OCTAVE Allegro is a framework that utilizes the OCTAVE approach with a primary focus on information assets, designed to provide faster results without requiring in-depth knowledge of risk assessment. The results of this research identified three risks that can be mitigated, namely user data password errors with a relative risk score of 27, internet downtime with a relative risk score of 31, and file intrusion with a relative risk score of 38, considering the likelihood of threats occurring. Additionally, there is one accepted risk, which is the input error of incident data, with a relative risk score of 19.

Downloads

Download data is not yet available.

Google Scholar Cite Analysis
Abstract viewed = 191 times

References

Abdullah, K., Isnainiyah, I. N., & Faried, M. I. (2020). Risk Management Analysis on Organizational Website Using Octave Allegro Method. Proceedings - 2nd International Conference on Informatics, Multimedia, Cyber, and Information System, ICIMCIS 2020, 201–206.

Andersson, A., Hedström, K., & Karlsson, F. (2022). “Standardizing information security – a structurational analysis.” Information and Management, 59(3).

Caralli, R. A., Stevens, J. F., Young, L. R., & Wilson, W. R. (2007). Introducing OCTAVE Allegro: Improving the Information Security Risk Assessment Process.

Deva, B. S., & Jayadi, R. (2022). Analisis Risiko dan Keamanan Informasi pada Sebuah Perusahaan System Integrator Menggunakan Metode Octave Allegro. Jurnal Teknologi Dan Informasi (JATI), 12(27), 12.

Herdianto, R. A., Ramli, K., & Suryanto, Y. (2022). Risk Assessment of Electronic Archive Services using Octave Allegro Method (Case Study: SIKN JIKN). IOP Conference Series: Materials Science and Engineering, 1232(1), 012007.

International Standard. (2013). Information technology-Security techniques-Information securitymanagement systems-Requirements.

Legowo*, N., & Saputra, K. A. (2019). Risk Management of Credit Card Payment Gateway using Octave Allegro Methodology At Electronic Payment Provider Institution. International Journal of Recent Technology and Engineering (IJRTE), 8(4), 11831–11838.

Nastiti, F. E., & Haryani, P. (2022). Analisis Risiko Keamanan Informasi E- gov Siskeudes menggunakan metode OCTAVE Allegro.

O’brien, M. (2005). Introduction to Information System.

Oluwatosin, H. S. (2014). Client-Server Model. IOSR Journal of Computer Engineering, 16(1), 57–71.

Ramadhintia, R., & Bisma2, R. (2021). Perencanaan Mitigasi Risiko Menggunakan Metode OCTAVE Allegro pada SMA Semen Gresik. JEISBI, 02.

Whitman, M. E. (2011). Principles of Information Security Fourth Edition.