The Octave Allegro Method in Risk Management Assessment of Educational Institutions
Keywords:Risk management, Information Systems, Assessment
Risk management is useful in overcoming various problems such as not optimal business processes, the company’s reputation down, financial loss, or bankruptcy of a company. In the application of information systems, most organizations or companies have not noticed the importance of information systems security as well as the assets and impacts that arise. For that, the risk management assessment is used in reducing the errors that occur in the information system of the company's business processes. The risk management assessment is applied to the information system along with its assets in evaluating the possibilities of menaces and vulnerabilities. The Risk management assessment analysis is applied to the academic information system in universities. The result of the risk assessment is the results of recommendations on the stages that need to be done in protecting the assets of information systems and information systems themselves.
P. Hills, “International Journal of Information Management,” Int. J. Inf. Manag. J. Inf. Prof., vol. 26, no. 1, pp. 1–2, 2006.
G. Christakos, Stochastic Environmental Research and Risk Assessment. Springer-Verlag, 1999.
J. A. O’Brien and G. M. Marakas, “Introduction to Information Systems (Vol. 13). New York City.” USA: McGraw-Hill/Irwin, 2005.
A. A. Rampini, S. Viswanathan, and G. Vuillemey, “Risk management in financial institutions,” J. Finance, vol. 75, no. 2, pp. 591–637, 2020.
K. Mhetre, B. A. Konnur, and A. B. Landage, “Risk management in construction industry,” Int. J. Eng. Res, vol. 5, pp. 153–155, 2016.
S. Alhawari, L. Karadsheh, A. N. Talet, and E. Mansour, “Knowledge-based risk management framework for information technology project,” Int. J. Inf. Manage., vol. 32, no. 1, pp. 50–65, 2012.
H. Stewart and J. Jürjens, “Information security management and the human aspect in organizations,” Inf. Comput. Secur., 2017.
B. Ali and A. I. Awad, “Cyber and physical security vulnerability assessment for IoT-based smart homes,” sensors, vol. 18, no. 3, p. 817, 2018.
A.-M. Suduc, M. Bîzoi, and F. G. Filip, “Audit for information systems security,” Inform. Econ., vol. 14, no. 1, p. 43, 2010.
R. L. Krutz, R. D. Vines, and E. M. Stroz, The CISSP Prep Guide: Mastering the ten domains of computer security. Citeseer, 2001.
C. Anderson, R. L. Baskerville, and M. Kaul, “Information security control theory: Achieving a sustainable reconciliation between sharing and protecting the privacy of information,” J. Manag. Inf. Syst., vol. 34, no. 4, pp. 1082–1112, 2017.
S. K. Pandey, “A comparative study of risk assessment methodologies for information systems,” Bull. Electr. Eng. Informatics, vol. 1, no. 2, pp. 111–122, 2012.
M. T. Jufri, M. Hendayun, and T. Suharto, “Risk-assessment based academic information System security policy using octave Allegro and ISO 27002,” in 2017 Second International Conference on Informatics and Computing (ICIC), 2017, pp. 1–6.
E. Goldman, “Challenges and Concerns for Implementing OCTAVE Allegro in a University Environment.” 2013.
T. Aven, “Foundational issues in risk assessment and risk management,” Risk Anal. An Int. J., vol. 32, no. 10, pp. 1647–1656, 2012.
R. A. Caralli, J. F. Stevens, L. R. Young, and W. R. Wilson, “Introducing octave allegro: Improving the information security risk assessment process,” Carnegie-Mellon Univ Pittsburgh PA Software Engineering Inst, 2007.
S. Santoso, J. Kauf, and N. Aristo, “The Information System Of Name Card Sales Based On Digital Marketing To Improve Creativepreneur On College E-Commerce Website”, Aptisi Transactions On Technopreneurship (ATT), vol. 1, no. 1, pp. 64-72, Mar. 2019.
E. Febriyanto, R. Naufal, and S. Sulistiawati, “Planning of the Web-based E-Raport Assessment System”, Aptisi Transactions On Technopreneurship (ATT), vol. 2, no. 1, pp. 48-58, Jan. 2020.
A. Alwiyah, C. Greisy, and A. Afitri, “Implementation Of Information Systems On E-commerce Websites As Media To Deliver Information”, Aptisi Transactions On Technopreneurship (ATT), vol. 1, no. 2, pp. 127-133, Aug. 2019.
T. Hariguna, E. Harahap, and S. Salsabila, “Implementation of Business Intelligence Using Highlights in the YII Framework based Attendance Assessment System”, Aptisi Transactions On Technopreneurship (ATT), vol. 1, no. 2, pp. 109-116, Aug. 2019.
Hariguna, Taqwa, Muhamad Yusup, and Agung Priyadi. 2019. “The Transaction Optimization Of Color Print Sales Through E-Commerce Website Based On Yii Framework On Higher Education.” Aptisi Transactions On Technopreneurship (ATT) 1(1): 1–10.
Santoso, Sugeng, Josch Kauf, and Nabila Cynthia Aristo. 2019. “The Information System of Name Card Sales Based on Digital Marketing to Improve Creativepreneur on College E-Commerce Website.” Aptisi Transactions On Technopreneurship (ATT) 1(1): 64–72.
. Zarlis, Muhammad, Eka Purnama Harahap, and Lina Naelal Husna. 2019. “Test Appraisal System Application Based on YII Framework as Media Input Student Value Final Project and Thesis Session at Higher Education.” Aptisi Transactions On Technopreneurship (ATT) 1(1): 73–81.
How to Cite
Copyright (c) 2020 Jane Hom, Boonsri Anong, Kim Beom Rii, Lee Kyung Choi, Kenita Zelina
This work is licensed under a Creative Commons Attribution 4.0 International License.
This journal permits and encourages authors to post items submitted to the journal on personal websites while providing bibliographic details that credit its publication in this journal.
Authors are permitted to post their work online in institutional/disciplinary repositories or on their own websites. Pre-print versions posted online should include a citation and link to the final published version in Journal of Librarianship and Scholarly Communication as soon as the issue is available; post-print versions (including the final publisher's PDF) should include a citation and link to the journal's website.