Information Technology Risk Measurement: Octave-S Method
Abstract: The purpose of this
research are to identify the risk of IT in the company and make some
recommendation to solve any risk happened in the company, and also to give the
reference in measure the risk of IT in the company. Research Method used are
book studies, field studies, and analysis techniques. Book studies by
collecting the information from books and journal. Then, for field studies, it
done by interview, and observation to the company. Analysis techniques done by
qualitative approach and using the Octave-S (Operational Threat Asset and
Vulnerability Evaluation) – S as the method to measure the risk of IT in the
company. The result of this research will be a description of Information
Technology in the company and give any risk happened in IT and mitigation
activity through the risk in the company. Conclusion of the research are
looking for three critical areas, such the awareness and security training,
security strategy, security management, and disaster recovery.
Author: Rudy M Harahap
Journal Code: jptinformatikagg110013
