Analisis Manajemen Risiko Keamanan Sistem Pengolahan Data Accurate Menggunakan Metode OCTAVE-S

Fajar Rido Butar Butar(1*), Eki Saputra(2), Arif Marsal(3), Muhammad Luthfi Hamzah(4), Mona Fronita(5),

(1) UIN Sultan Syarif Kasim Riau, Indonesia
(2) UIN Sultan Syarif Kasim Riau, Indonesia
(3) UIN Sultan Syarif Kasim Riau, Indonesia
(4) UIN Sultan Syarif Kasim Riau, Indonesia
(5) UIN Sultan Syarif Kasim Riau, Indonesia
(*) Corresponding Author

Abstract


PT.XYZ is a palm oil company currently implementing the Accurate data processing system to manage data at its factory. This system is utilized for weighing incoming palm fruit, processing palm fruit within the factory, and generating various reports. However, during the implementation process, the system has encountered several threats that have had an impact on the company. These threats include connection errors, human errors, and server downtime. To address these issues, a threat risk analysis is necessary to minimize the likelihood of similar problems occurring in the future. In this study, the OCTAVE-S method is employed as it offers solutions for managing other threats. The risk analysis results indicate that there are six security practices that pose a high risk to the company's system security. These practices are IT Security Monitoring and Audit, Authorization and Authentication, Vulnerability Management, Encryption, Security Planning and Architecture, and Incident Management. Based on these findings, it is recommended that the company conducts a review of its security practices to prevent the emergence of new risks that may affect its business processes.

Full Text:

PDF

References


Wardiana, W. (2002). “Perkembangan Teknologi Informasi di Indonesia”. Seminar dan Pameran Teknologi Informasi.

Mahersmi, B. (2016). “Analisis Risiko Dengan Menggunakan Metode Octave Dan Kontrol Iso 27001 Pada Dinas Perhubungan Komunikasi Dan Informatika Kabupaten Tulungagung”. Final Project Institut Teknologi Sepuluh Nopember.

Aisha, L., dkk. (2016). “Perancangan Tata Kelola Manajemen Layanan Teknologi Informasi Menggunakan ITIL V3”. Service Operation di Pemerintahan Kota Bandung.

Norken, I., Purbawijaya, I., dan Suputra, I. (2015). “Pengantar analisis dan manajemen risiko pada proyek konstruksi”. Denpasar: Udayana University Press.

Fahmi, I., dan Mulia, S. (2011). “Analysis of financial performance in a form of financial ratio before and after right issue at the indonesia’s stock exchange (bursa efek indonesia)”. International Journal of Business and social science.

Alberts, C., Dorofee, A., Stevens, J., dan Woody, C. (2005). “Octave-s implementation guide, version 1.0”. Manuel e´lectronique. Pittsburg, PA: Software Engineering Institute, Carbegie Mellon University.

Nyoman, B., Indrawan, G., Gunadi, A. (2022). “Analisis Risiko Keamanan Informasi Menggunakan Metode Octave Allegro Dan Analytical Hirarchy Process Pada Data Center Pemerintah Kabupaten Buleleng”. Jurnal Ilmu

Komputer Indonesia (JIK), Vol. 7, No. 1.

Supradono, B. (2009). “Manajemen Risiko Keamanan Informasi Dengan Menggunakan Metode Octave (Operationally Critical Threat, Asset, And Vulnerability Evaluation)”. Media Elektrika, Vol. 2, No. 1.

Rivai, A., Suroso, J., Pangemanan, F. (2020). “ICIMTech 2020: proceedings of 2020 International Conference on Information Management and Technology”. ICIMTech.

Moteff, J. (2005). “Risk management and critical infrastructure protection: Assessing, integrating, and managing threats, vulnerabilities and consequences”. Library of Congress Washington DC Congressional Research Service.

Budiarto, R. (2017). “Manajemen Risiko Keamanan Sistem Informasi Menggunakan Metode FMEA Dan ISO 27001 Pada Organisasi XYZ”. CESS (Journal of Computer Engineering System and Science), Vol. 2, No. 2.

Cahyabuana, B., Pribadi, A. (2020). “Konsistensi Penggunaan Metode FMEA (Failure Mode Effects and Analysis) terhadap Penilaian Risiko Teknologi Informasi (Studi kasus: Bank XYZ)”. Institut Teknologi Sepuluh Nopember (ITS).

Perdana, T. (2018). “Manajemen Resiko Keamanan Informasi pada Kantor Pelayanan Pajak Menggunakan METODE FMEA Dan ISO 27001”. Sriwijaya University.

Mutiah, N., Rusi, I., Tutik. (2022). “Analisis Dan Manajemen Risiko Keamanan Informasi Menggunakan Metode Failure Mode And Effects Analysis (FMEA) Dan Kontrol ISO/IEC 27001:2013 (Studi Kasus : Dinas Komunikasi Dan Informatika Kabupaten Sambas)”. Jurnal Komputer dan Aplikasi, Vol. 10, No. 02.

Novitasari, B., Tanaamah, A. (2021). “Analisis Manajemen Risiko Menggunakan COBIT 5 Domain APO12 (Studi Kasus: Yayasan Bina Darma)”. Journal of Information Systems and Informatics, Vol. 3, No. 3.

Tupa, J., Simota, J., Steiner, F. (2017). “Aspects of Risk Management Implementation for Industry 4.0.” Procedia Manufacturing.

Oliveira, E., dkk. (2017). “The ISO 31000 Standard in Supply Chain Risk Management.” Journal of Cleaner Production.

Ambarwati, A., Rusady, R. (2017). “Analisis Implementasi Teknologi Informasi pada Domain Deliver And Support di PT. RDPI”. Jurnal INFORM, Vol. 2, No. 2.

Nisa, F., dkk. (2022). “Analisis Manajemen Risiko Keamanan Sistem Bmkgsoft Menggunakan Metode OCTAVE-S”. Jurnal Ilmiah Rekayasa dan Manajemen Sistem Informasi, Vol. 8, No. 1.

Setyawan, A., Wijaya, A. (2018). “Analisis Manajemen Risiko Teknologi Informasi Pada Diskominfo Kota Salatiga Menggunakan Metode OCTAVE-S”. Seminar Nasional Sistem Informasi Indonesia.




DOI: http://dx.doi.org/10.30645/j-sakti.v7i2.676

Refbacks

  • There are currently no refbacks.



J-SAKTI (Jurnal Sains Komputer & Informatika)
Published Papers Indexed/Abstracted By:


Jumlah Kunjungan :

View My Stats