Analisis Manajemen Risiko Keamanan Data Sistem Informasi (Studi Kasus: RSUD XYZ)
Abstract
This paper describes the implementation of OCTAVE Allegro method to evaluate several aspects related to information security risks of the information technology applied in a health institution. The evaluation was conducted at RSUD XYZ and referred to five impact areas: reputation and customer confidence, finance, productivity, security and health, and also penalties and punishment. The results show that the impact area of reputation and customer confidence has the highest risk assessment result among other areas. The overall result and discussion presented in this paper certainly does not violate the code of ethics for RSUD XYZ.
Downloads
References
[2] Ross, R. S., 2011. Managing Information Security Risk: Organization, Mission, and Information System View. Special Publication (NIST SP)-800-39.
[3] Goguen, A., Stoneburner, G., & Feringa, A., 2017. Risk Management Guide for Information Technology Systems and Underlying Technical Models for Information Technology Security.
[4] Maulana, M. M., & Supangkat, S. H., 2006. Pemodelan Framework Manajemen Risiko Teknologi Informasi untuk Perusahaan di Negara Berkembang. Prosiding Konferensi Nasional Teknologi Informasi & Komunikasi untuk Indonesia, 121-126.
[5] Alberts, C. J., & Dorofee, A., 2002. Managing information security risks: the OCTAVE approach. Addison-Wesley Longman Publishing Co., Inc.
[6] Wheeler, E., 2011. Security risk management: Building an information security risk management program from the Ground Up. Elsevier.
[7] Calder, A., & Watkins, S. G., 2010. Information security risk management for ISO27001/ISO27002. It Governance Ltd.
Copyright (c) 2018 Jurnal RESTI (Rekayasa Sistem dan Teknologi Informasi)

This work is licensed under a Creative Commons Attribution 4.0 International License.
Hak cipta pada setiap artikel adalah milik penulis.
- Penulis mengakui bahwa Jurnal RESTI (Rekayasa Sistem dan Teknologi Informasi) sebagai publisher yang mempublikasikan pertama kali dengan lisensi Creative Commons Attribution 4.0 International License.
- Penulis dapat memasukan tulisan secara terpisah, mengatur distribusi non-ekskulif dari naskah yang telah terbit di jurnal ini kedalam versi yang lain (misal: dikirim ke respository institusi penulis, publikasi kedalam buku, dll), dengan mengakui bahwa naskah telah terbit pertama kali pada Jurnal RESTI (Rekayasa Sistem dan Teknologi Informasi) ;