INFORMATION SECURITY RISK MANAGEMENT USING OCTAVE ALLEGRO METHOD AT UNIVERSITY

Abstract

Information is one of the important and valuable assets for the life of an organization's business. Information management is needed to maintain the confidentiality, integrity, and availability of the information from cyber attacks. These cyber attacks can be in form of viruses, malware, phishing, Distributed Denial-of-service (DoS), fraud, and Ransomware.The education sector is a significant contributor to the increase in cyber attacks during the COVID-19 pandemic. The use of ICT in higher education must have right information securityThis study aims to Analysis the risks of information security in higher education. Identification of information security risks necessary for the organization to take appropriate preventive and mitigating actions.OCTAVE Allegro is the framework used to perform risk management in this research. This framework focuses on the information assets owned by the organization. How the asset is used, stored, transferred, occurs and how threats (threats), vulnerabilities (vulnerabilities) and disturbances can be on the asset. The results of this study are recommendations for mitigating approach for identified risks.