Risk Analysis of Information Security in Balikpapan International Airport Service Desk Plus (SDP) Using The Octave Allegro Method

Abstract

Indonesia, as a developing country, is not exempt from the advancements in information and communication technology. However, these advancements in information and communication technology can bring negative impacts, such as an increasing threat of misuse. SDP (Service Desk Plus) is a system that serves as a management tool for IT services, facilitating employees from various departments in requesting services and reporting ICT (Information Communication Technology) incidents. SDP has faced challenges or obstacles that have hindered its optimal use, such as IT services experiencing downtime, inaccessible ICT services, and SDP users frequently sharing usernames and passwords. Based on these threats, it is necessary to conduct a further analysis of information security risks regarding the security of implementing SDP centrally using the OCTAVE Allegro method. OCTAVE Allegro is a framework that utilizes the OCTAVE approach with a primary focus on information assets, designed to provide faster results without requiring in-depth knowledge of risk assessment. The results of this research identified three risks that can be mitigated, namely user data password errors with a relative risk score of 27, internet downtime with a relative risk score of 31, and file intrusion with a relative risk score of 38, considering the likelihood of threats occurring. Additionally, there is one accepted risk, which is the input error of incident data, with a relative risk score of 19.