Evaluation Of IS Risk Management Using Octave Allegro In Education Division

Suroso, Jarot S.; Rahaju, Sri Mumpuni Ngesti; Kusnadi,

doi:10.1109/icot.2018.8705866

Cited by 2 publications

(5 citation statements)

References 10 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

Section: Related Workmentioning

confidence: 99%

“…Similarly, [31] found the biggest gap in the organisation's contingency plan/disaster recovery plan and vulnerability management. Using the activities included in the OCTAVE Catalog of practices [31] demonstrated an approach to the evaluation of information risk management maturity. The method focuses on the evaluation of 17 risk management related areas (such as security awareness and training, strategy, management, policies, physical security, etc) and enables to determine maturity for each area as well as overall maturity score.…”

Section: Related Workmentioning

confidence: 99%

“…Comparing our results with other researches, it is evident that the final conclusions are similar. In assessing ISM performance several studies confirmed that organisations most often struggle to develop and perform activities related to vulnerability, risks, incidents, procedures, and resources management [30,31,33,39]. The State of Security Operations study [59], found that more than two-thirds of all organisations provide their information security merely through the most basic detection and response capacities.…”

Section: Plos Onementioning

confidence: 99%

See 2 more Smart Citations

A real-world information security performance assessment using a multidimensional socio-technical approach

2020

View full text Add to dashboard Cite

Measuring the performance of information security is an essential part of the information security management system within organisations. Studies in the past mainly focused on establishing qualitative measurement approaches. Since these can lead to ambiguous conclusions, quantitative metrics are being increasingly proposed as a useful alternative. Nevertheless, the literature on quantitative approaches remains scarce. Thus, studies on the evaluation of information security performance are challenging, especially since many approaches are not tested in organisational settings. The paper aims to validate the model used for evaluating the performance of information security management system through a multidimensional socio-technical approach, in a real-world settings among medium-sized enterprises in Slovenia. The results indicate that information security is strategically defined and compliant, however, measures are primarily implemented at technical and operational levels, while its strategic management remains underdeveloped. We found that the biggest issues are related to information resources and risk management, where information security measurement-related activities proved to be particularly problematic. Even though enterprises do possess certain information security capabilities and are aware of the importance of information security, their current practices make it difficult for them to keep up with the fast-paced technological and security trends.

show abstract

Section: Related Workmentioning

confidence: 99%

Section: Related Workmentioning

confidence: 99%

Section: Plos Onementioning

confidence: 99%

See 1 more Smart Citation

A real-world information security performance assessment using a multidimensional socio-technical approach

2020

View full text Add to dashboard Cite

show abstract

“…In this research the researchers found that there are a few risks factors inside the educational institution and OCTAVE Allegro can be inducted without direct participation inside the organization. Another research using OCTAVE Allegro in a educational institution is from [6] which was conducted in 2018. In this research, where the Vincentius Gerardo, Ahmad Nurul Fajar | 689 maturity level of the risk management is 89.40% and there is gap between the contingency plan and vulnerability management practices with the score 87.88% and 66.67% respectively [6].…”

Section: Introductionmentioning

confidence: 99%

“…Another research using OCTAVE Allegro in a educational institution is from [6] which was conducted in 2018. In this research, where the Vincentius Gerardo, Ahmad Nurul Fajar | 689 maturity level of the risk management is 89.40% and there is gap between the contingency plan and vulnerability management practices with the score 87.88% and 66.67% respectively [6].…”

Section: Introductionmentioning

confidence: 99%

Academic IS Risk Management using OCTAVE Allegro in Educational Institution

Gerardo

Fajar

2022

Journal-ISI

View full text Add to dashboard Cite

Today, the use of technology is a common thing that is used to support everyday life. However, this technology also carries risks that can compromise the security of information in organizations. Kalbis Institute is a private campus in the East Jakarta area that has been established since 2012. The academic information system used there includes all actors in the campus environment. This risk analysis is carried out to see and understand what risks exist in the current information system. This risk analysis will assess how likely there are threats and vulnerabilities to information systems. This study uses the OCTAVE Allegro method with the help of the OCTAVE Allegro Worksheet. The purpose of this study is to conduct a risk analysis of the academic information system at Kalbis Institute. The result of this study is to look at risk assessments and recommendations for strategies to protect information systems within organization.

show abstract

Evaluation Of IS Risk Management Using Octave Allegro In Education Division

Cited by 2 publications

References 10 publications

A real-world information security performance assessment using a multidimensional socio-technical approach

A real-world information security performance assessment using a multidimensional socio-technical approach

Academic IS Risk Management using OCTAVE Allegro in Educational Institution

Contact Info

Product

Resources

About