Analisis Manajemen Risiko Aset Teknologi Informasi pada Perusahaan Sistem Integrator dengan Menggunakan Metode Octave Allegro

Authors

  • Amelia Dwi Indriani Universitas Gunadarma
  • Tristyanti Yunitasari Universitas Gunadarma

Keywords:

Risk Management, OCTAVE Allegro, System Integrator, Information Technology, Information Security

Abstract

The utilization of information technology frequently carries significant security risks, both from external threats such as cyberattacks (viruses, malware, phishing, ransomware) and from internal factors such as human error. This research aims to identify, assess, and mitigate the risks of information technology assets in an Indonesian system integrator company using the OCTAVE Allegro method. This method was chosen because it focuses on critical information assets and provides a structured approach through eight steps in four phases of analysis. The results of the study show that there are four critical assets in the company's information technology, namely hardware, software, data and information, as well as access rights and credentials. Based on the risk assessment matrix, data and information assets have the highest risk score with an average of 38.8, followed by access rights and credentials (38), software (37.42), and hardware (36.33). All risk categories are in POOL 1, which means they require immediate mitigation measures. Consistent implementation of risk management is expected to strengthen the company's resilience to information security threats and also enhance its reputation and competitiveness in the technology industry.

References

Abdullah, N., Hanafi, H., & Nawang, N. I. (2021). Digital Era and Intellectual Property Challenges in Malaysia. Pertanika Journal Social Sciences & Humanities, 205-219.

Asrin, F., Ismarmiaty, Putra, S. A., Setyoningrum, N. G., & dkk. (2024). Keamanan Sistem Informasi. Sleman, Yogyakarta: PT Penamudamedia.

Caralli, R., Stevens, J., Young, L., & Wilson, W. (2007). Introducing OCTAVE Allegro. Pennsylvania, United States: Carnegie Mellon University.

Dewanto, N. (2025). Gajah Tidur yang Terbangun : 50 Tahun Inovasi Digital Metrodata. Jakarta: PT Kompas Media Nusantara.

Emmanuel, P., & Maulany, R. (2023). Penilaian Risiko Sistem Informasi Menggunakan Metode OCTAVE Allegro pada Indonesia Publishing House. KREA-TIF: Jurnal Teknik Informatika. https://doi.org/10.32832/krea-tif.v11i1.14179

Fathullah, M. A., & Subbarao, A. (2022). Security Risk Analysis for Information Asset. Journal of System and Management Sciences, Vol. 12. doi:10.33168/JSMS.2022.0412

Florackis, C., Louca, C., Michaely, R., & Weber, M. (2022). Cybersecurity Risk Review of Financial Studies, Forthcoming. Swiss Finance Institute Research. https://doi.org/10.2139/ssrn.3725130

Harahap, A., Andani, C., Christie, A., Nurhaliza, D., & Fauzi, A. (2023). Pentingnya Peranan CIA Triad Dalam Keamanan Informasi dan Data Untuk Pemangku Kepentingan atau Stakholder. Jurnal Manajemen dan Pemasaran Digital. https://doi.org//10-38035/jmpd.v1.i2

Hom, J., Anong, B., Rii, K., Choi, L., & Zelina, K. (2020). The Octave Allegro Method in Risk Management Assessment of Educational Institutions. Aptisi Transactions on Technopreneurship (ATT).

Kristiana, R., Rochman, A. S., Yusuf, M., & etc. (2022). Manajemen Risiko. Sumedang, Jawa Barat: CV. Mega Press Nusantara.

Pardosi, V., Deta, B., Nugroho, F., & Vandika, A. (2024). Sistem Keamanan Informasi. Solok, Sumatera Barat: PT Mafy Media Literasi Indonesia.

Pelatta, T., Maelissa, N., Titaley, H., & Tuanakotta, A. (2023). Analisa Risiko Pada Proyek Pembangunan Gedung Auditorium IAIN Kota Ambon. Journal Agregate, Vol 2 No.1.

Prasetyaningrum, G., Nurmayanti, F., & Azahra, F. (2022). Faktor-Faktor Yang Mempengaruhi Etika Sistem Informasi: Moral, Isu Sosial Dan Etika Masyarakat(Literature Review Sim). Jurnal Manajemen Pendidikan dan Ilmu Sosial, Vol. 3 No. 2. https://doi.org/10.38035/jmpis.v3i2.1115

Rohman, A., Ambarwati, A., & Setiawan, E. (2020). Analisis Manajemen Risiko IT dan Keamanan Aset Menggunakan Metode Octave-S. INTECOMS: Journal of Information Technology and Computer Science. https://doi.org/10.31539/intecoms.v3i2.1854

Sarjana, S., Nardo, R., Hartono, R., Siregar, Z., Irmal, Sohilauw, M., Badrianto, Y. (2020). Manajemen Risiko. Bandung: CV Media Sains Indonesia.

Sopian, A. (2021). Pemanfaatan Teknologi Informasi dan Digital pada Pendidikan Dasar Islam di MI Islam Tonoboyo Magelang. Journal of Primary Education, Vol 1 No 2. https://doi.org/10.37680/basica.v1i2.1039

Suryawijaya, T. (2023). Memperkuat Keamanan Data melalui Teknologi Blockchain: Mengeksplorasi Implementasi Sukses dalam Transformasi Digital di Indonesia. Jurnal Studi Kebijakan Publik. https://doi.org/10.21787/jskp.2.2023.55-68

Syafii, I., & Siregar, S. (2020). Manajemen Risiko Perbankan Syariah. Seminar Nasional Teknologi Komputer & Sains (SAINTEKS), 662-665.

Downloads

Published

2025-10-31

Issue

Vol. 9 No. 2 (2025): METHOMIKA: Jurnal Manajemen Informatika & Komputersisasi Akuntansi

Section

METHOMIKA: Jurnal Manajemen Informatika & Komputersisasi Akuntansi

License

Copyright (c) 2025 Amelia Dwi Indriani, Tristyanti Yunitasari

Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.