Identification of Information Asset in Academic Information System
The application of Information Technology (IT) in the form of Academic Information Systems at the University of Muhammadiyah Riau (UMRI) has been carried out since 2010. Currently, academic activities at UMRI are very dependent on the existence of the information system. Activities carried out through academic information systems include student lecture registration, student study results, lecturer and student master data, scheduling lectures, lecture absences, and others. The application of this academic information system can pose a risk if the UMRI fails to assess the source of risk threats. This can result in the impact of information services being disrupted and the cessation of the decision making process. Risk is an uncertainty that can have a negative impact on an organization. Since its implementation to date, UMRI has never carried out systematic risk management. Even though the use of academic information systems at UMRI is currently crucial. Risk management is an effort from planning, organizing, leadership, controlling resources and activities to minimize the impact of losses and uncertainty on costs and consequences. Thus, risk management of information systems should be carried out by organizations that utilize Information Technology to support their activities. One method that can be used to build risk management of information systems is the Octave Allegro method. This method is a methodology for identifying risks to information systems related to information system security. Octave defines important components in a comprehensive, systematic, context-based information system security risk evaluation. The Octave Allegro method consists of 8 (eight) stages. The final result of this study is in the form of a risk assessment table and mitigation of risks to information assets. There are 8 (eight) crucial assets with a level of risk assessment of as low as 1 (one), moderate as much as 5 (five) and high as much as 2 (two).
All material contained in this site is protected by law. It is prohibited to quote part or all of the contents of this website for commercial uses without the approval of the board of editors of this journal.
If you find one or more articles contained in CELSciTech that violate or potentially infringe your copyright, please report to us, via email to Principle Contact.
The formal legal aspect of access to any information and articles contained in this journal site refers to the terms of the Creative Commons Attribution-ShareAlike (CC BY-SA).
All information contained in CELSciTech is academic. CELSciTech is not responsible for any losses incurred by misuse of information from this site.