System Security Awareness Planning Model Using The Octave Method Approach

https://doi.org/10.22146/ijccs.43922

Zaied Saad Shouran(1*), Nur Rokhman(2), Tri Kuntoro Priyambodo(3)

(1) Computer and Electronics Science, Department, UGM, Yogyakarta
(2) Department of Computer Science and Electronics, Universitas Gadjah Mada
(3) Department of Computer Science and Electronics, Universitas Gadjah Mada
(*) Corresponding Author

Abstract


Awareness of the security of information systems is an important thing to note. In this study, we will discuss planning models of awareness about information system security using Octave models or methods. The analytical method used is qualitative descriptive analysis. The results of the study show that the Octave model can increase awareness about the importance of security in an information system and companies that implement it will be able to improve their performance in the future.

Keywords


awareness; security; Octave method

Full Text:

PDF


References

[1] Chazar, C. (2015). Management Standards for Information Systems Security Based on ISO / IEC 27001. Information Journal Volume VII No.2 / November / 2015. Bandung.

[2] M. Thierry and T. K. Priyambodo, “SMS and Web-Based e-Government Model Case Study: Citizens Complaints Management System at District of Gihosha –Burundi,” IJCCS (Indonesian J. Comput. Cybern. Syst., vol. 11, no. 1, p. 67, Jan. 2017 [Online]. Available: https://journal.ugm.ac.id/ijccs/article/view/17167.

[3] T. Wachowicz and P. Błaszczyk, “TOPSIS Based Approach to Scoring Negotiating Offer in Negotiation Support Systems,” Gr. Decis. Negot., vol. 22, no. 6, pp. 1021–1050, Nov. 2014 [Online]. Available: http://link.springer.com/10.1007/s10726-012-9299-1

[4] H. Núñez, M. Sànchez-Marrè, U. Cortés, J. Comas, M. Martínez, I. Rodríguez-Roda, and M. Poch, “A comparative study on the use of similarity measures in case-based reasoning to improve the classification of environmental system situations,” Environ. Model. Softw., vol. 19, no. 9, pp. 809–819, 2016.

[5] Sembiring, S. & Lubis, S. A. (2015). Application of ISO 27001 Based Information Security Index to Measure the Level of Information Security Readiness in Higher Education Institutions. 2014 SNASTIKOM Proceeding Vol-2.

[6] Cheristian, I., Fatoni., Negara, E. S.: ISO 27001: 2016 Planning and Implementation of Standards at PT. Sinar Sosro Palembang. From http://digilib.binadarma.ac.id/files/disk1/139/123-123- imamcheris-6945-1-journal-n.pdf.

[7] Rahardjo, B. (2015). Internet-based Information System Security. Bandung.

[8] P. S. Ardiantara, R. Sumiharto, and S. B. Wibowo, “Prototype of Control of Stable Position and Attitude on Unmanned Aircraft Using IMU and the Kalman Filter Fusion Sensor Algorithm,” IJEIS (Indonesian J. Electron. Instrum. Syst., vol. 4, no. 1, pp. 25–34, 2014 [Online]. Available: https://jurnal.ugm.ac.id/ijeis/article/view/4219.

[9] I. Dwicahyo Pratomo, A. Rouf, and T. Wahyu Supardi, “Hole Distance Measurement in Solid Objects Using Ultrasonic Sensors,” IJEIS (Indonesian J. Electron. Instrum. Syst., vol. 6, no. 1, p. 81, Apr. 2016 [Online]. Available: https://jurnal.ugm.ac.id/ijeis/article/view/10774.

[10] T. Nur Syahril Sidiq, A. Rouf, and T. Wahyu Supardi, “Solid Object Disability Detection System Using Ultrasonic Angle Variation Techniques,” IJEIS (Indonesian J. Electron. Instrum. Syst., vol. 6, no. 1, p. 69, Apr. 2016 [Online]. Available: https://jurnal.ugm.ac.id/ijeis/article/view/10773.

[11] Richard. A. Caralli. (2017). Introducing OCTAVE Allegro: Improving the Information Security Risk Assessment Process. http://www.sei.cmu.edu/pub/documents/07.reports/07tr012.pdf.

[12] S. K. Pandey dan K. Mustafa. (2015). A Comparative Study of Risk Assessment Methodologies for Information Systems. Buletin Teknik Elektro dan Informatika, 1(2),111-122.

[13] A. M. Suduc, M. Bîzoi dan F. G. Filip. (2016). Audit for Information Systems Security. Journal Informatica Economică, 14(1),43-48.

[14] Christopher Alberts, Audrey Dorofee. 2016). Managing Information Security Risks: The OCTAVESM Approach. Publisher: Addison Wesley. ISBN : 0-321-11886-3.

[15] J. Simons. (2015). Information Security & ISO 27001. IT Governance Green Paper. The United Kingdom.

[16] S. K. Pandey dan K. Mustafa. (2012). A Comparative Study of Risk Assessment Methodologies for Information Systems. Buletin Teknik Elektro dan Informatika, 1(2),111-122.

[17] Joint Task Force Transformation Initiative (2011). Managing Information Security Risk: Organization, Mission, and Information System View. NIST Special Publication 800-39.

[18] A. M. Suduc, M. Bîzoi dan F. G. Filip. (2010). Audit for Information Systems Security. Journal Informatica Economică, 14(1),43-48.

[19] Technical Department of ENISA Section Risk Management (2006). Implementation principles and Inventories for Risk Management/Risk Assessment methods and tools. ENISA.



DOI: https://doi.org/10.22146/ijccs.43922

Article Metrics

Abstract views : 3335 | views : 3559

Refbacks

  • There are currently no refbacks.




Copyright (c) 2019 IJCCS (Indonesian Journal of Computing and Cybernetics Systems)

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.



Copyright of :
IJCCS (Indonesian Journal of Computing and Cybernetics Systems)
ISSN 1978-1520 (print); ISSN 2460-7258 (online)
is a scientific journal the results of Computing
and Cybernetics Systems
A publication of IndoCEISS.
Gedung S1 Ruang 416 FMIPA UGM, Sekip Utara, Yogyakarta 55281
Fax: +62274 555133
email:ijccs.mipa@ugm.ac.id | http://jurnal.ugm.ac.id/ijccs



View My Stats1
View My Stats2