Assessment IT Risk Management at The Computer and Network Laboratory School

Abstract

The Computer and Network Engineering Laboratory School is a means for teaching and learning that has problems with information technology. In this research, IT Risk Management Assessment will be carried out at the Computer and Network Engineering Laboratory of School. This research was conducted to determine what risks of what happened. In this study, the NIST SP 800-30r1 Framework method will be used to obtain risk scores. While for data collection techniques will use qualitative analysis. The stages of risk assessment carried out include Prepare for Assessment, Conduct Assessment, Communicate Result, and Maintain Assessment. From the assessment stage, the level of risk obtained is in a moderate position. This assessment was taken from the results of interviews with five respondents in the organization management of The Computer and Network Engineering Laboratory School. Emerging risks have a serious impact on assets, organization and activities in The Computer and Network Engineering Laboratory School