MANAJEMEN RISIKO SISTEM INFORMASI PADA PERGURUAN TINGGI MENGGUNAKAN KERANGKA KERJA NIST SP 800-300
No Thumbnail Available
Date
2016-05-28
Authors
Journal Title
Journal ISSN
Volume Title
Publisher
Seminar Nasional Telekomunikasi dan Informatika (SELISIK 2016),Universitas Pasundan
Abstract
Often institution or organizations utilizing information technology to support the sustainability of the information systems that are running. For universities, information technology is one of the important components in the management of information system, where the success of the service of the college one of which depend on the extent to which the management of information technology that has been done. Bu not forever use of information technology in the management of information systems in line with expectations, the use of emerging risk that could disrupt the continuity of information systems can result in a lose for the collage. Risk that arise need to be addressed, so that the problems caused not result in the use of information technology can hinder system performance information that would be detrimental to college. Losses can be a material impact or immaterial. So that the risk management information system is essential to apply in college, because of the application of risk management is expected to reduce the risks that will occur in the information system.
NIST SP 800-300 is a framework used in risk management information system, which in the risk management process NIST provides three stages, risk assessment, risk mitigation, and risk evaluation. The results of the risk assessment, it is known three are three risks that could disrupt the continuity of information systems college, and each has a risks level of risk, including the high and medium. The end result of this activity in the form of recommendations to reduce the risk that will occur in the information system.
Description
Keywords
Risk management, information systems, NIST