Perancangan Manajemen Risiko Keamanan Sistem Informasi Manajemen Sumber Daya dan Perangkat Pos dan Informatika (SIMS) Menggunakan Metode NIST 800-30

Abstract

The development of an information system used in a government institution becomes very important if the system is part of storing data that is a state asset. SIMS contains data on frequency spectrum users who already have permits and contribute to Non-Tax State Revenue (PNBP). SIMS consists of public service applications and non-public service applications. In this study, an evaluation of SIMS risk management was developed using the NIST 800-30 framework. This research begins with risk identification, risk mitigation and evaluation of existing risks then provides recommendations for the control needed for SIMS.The results of the documentation of the information security risk assessment stages on SIMS using the NIST 800-30 method, it is necessary to take risk control and risk mitigation actions