Risk Management Analysis on Organizational Website Using Octave Allegro Method

Abstract

The Website Portal of XYZ Organization has a crucial function for the sustainability of the organization's business processes. Applications are required to always meet stakeholder expectations which include confidentiality, integrity and availability. IT risk management implementation is needed to achieve these expectations. This research implements the Octave Allegro method to manage existing risks of XYZ's Organizational Website. Concern areas of this application are server room access, server access, security vulnerabilities, backup power and electricity which is also related to the services availability. The results showed that the availability of services have a Relative Risk Score (RRS) of 31 so it is necessary to mitigate and monitor continuously. The recommended mitigation is identification of risk of modification and theft of database, as well as identification of risk from backup data failure, identification of human / technician error risk, identification of hardware and software failure risk, identification of power failure risk, identification of network failure risk, identification of fire and natural disaster risks, also including identification of risk of theft important media or documents.