Currently the need for the use of information systems has become important for institution and organizations. The use of information systems has also expanded to various fields, namely educational institutions. However, on the other hand information can be an important security gap. The important information that falls to other parties can result in loss to the owner of the information. This study aims to conduct an internal assessment of information security risks from the use of information systems, so that it can be seen what risks are very high and need to be mitigated. In this study, the Octave Allegro framework was used to conduct an internal assessment. The steps taken in conducting an information security risk assessment consist of 8 steps. Each step produces an output that is used as the basis for evaluating the next step. There are 2 areas that need attention and become the focus of improvement. Information security risk management needs to be carried out and monitored closely and regularly against risks that are determined to be important and have a high risk probability.
Copyrights © 2021