INFORMATION SYSTEM SECURITY RISK MANAGEMENT ANALYSIS IN UNIVERSITAS ADVENT INDONESIA USING OCTAVE ALLEGRO METHOD

Universitas Advent Indonesia is one of the many universities that use information technology to support their business processes in the hope that information technology will provide significant benefits. The use of information technology in supporting a business can not be separated from the risks that might be faced. for that, good management of information technology will be the key to how much risk will be faced. In this case, the researcher will conduct an analysis of information system risk management at the Universitas Advent Indonesia. The method used by researchers is OCTAVE ALLEGRO. OCTAVE ALLEGRO is a method that is often used to carry out analysis in the field of risk management and risk assessment. The purpose of this study was to identify risks that could potentially threaten business processes at Universitas Advent Indonesia by first identifying the impact of the area, determining the scale of priorities etc. The results of the study using OCTAVE Allegro is a risk reduction approach for each area of concern of each UNAI critical information asset namely student financial information, lecturer financial information, student score information, student transcript information, and class attendance data. UNAI makes written rules regarding responsibilities in maintaining information security and sanctions for violators and do socialize about the rule well gradually to Universitas Advent Indonesia employees. Re-evaluate information security by using OCTAVE Allegro method periodically, for example, once every 2 years.