Risk Management of Debtor Information System At Bank XYZ Using OCTAVE Allegro Method

Abstract

Risk assessment as part of the risk management of the debtor information system is conducted to assess how possible threats and vulnerabilities to the debtor's information system and assets. This study aims to analyze risk on the debtor information system at Bank XYZ, while the evaluation and analysis process is more focused on the management of critical assets owned by the bank. The analysis was carried out using the OCTAVE Allegro (Operationally Critical Threat, Assets and Vulnerability Evaluation) method. It is expected that this analysis will get the final results in the form of recommendations about the steps that must be taken to protect and manage the debtor information system critical assets at Bank XYZ.