PENGUKURAN MANAJEMEN RISIKO KEAMANAN INFORMASI PADA WEBSITE RESMI PEMERINTAH KABUPATEN XYZ MENGGUNAKAN METODE NIST SP 800-30
Public services have a crucial role in ensuring the continuity and progress of society, nation and state. In an effort to improve the quality of public services and effective, clean, transparent and accountable government management through an electronic-based system as stated in Presidential Regula...
Saved in:
| Main Author: | |
|---|---|
| Format: | Book |
| Published: |
2023-06-22.
|
| Subjects: | |
| Online Access: | Link Metadata |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Summary: | Public services have a crucial role in ensuring the continuity and progress of society, nation and state. In an effort to improve the quality of public services and effective, clean, transparent and accountable government management through an electronic-based system as stated in Presidential Regulation no. 95 of 2018 concerning Electronic-Based Government Systems (SPBE), the Regional Government of XYZ Regency developed SPBE by establishing a publicly accessible government website. Apart from website managers, the public can easily access the site to get the information they need, so it might be at risk from irresponsible people. Based on interviews conducted with the Head of the Diskominfo Informatics Development Division, website defacement incidents occurred in 2020 and 2022. This risk has an impact on the security and integrity of data and other important assets related to information systems. Therefore, to maintain and secure information as an important government asset, managers need to carry out an assessment of data security risks on an ongoing basis. This research was conducted with the aim of measuring information security risk management on websites by following the steps of the NIST SP 800-30 method, reducing the impact of existing risks, and providing information security recommendations. The results of this study indicate that there are four 'medium' level risks, three 'high' level risks, and one extreme level risk on website supporting assets. As well as the determination of risk criteria shows that there are four assets with Risk Acceptance recommendation criteria, two assets have Risk Transfer recommendation criteria, and two assets have Risk Reduction recommendation criteria. In addition to these recommendations, it is hoped that managers can also improve monitoring and maintenance of supporting assets and develop information security risk measurements. |
|---|---|
| Item Description: | http://repository.upnvj.ac.id/25057/1/ABSTRAK.pdf http://repository.upnvj.ac.id/25057/2/AWAL.pdf http://repository.upnvj.ac.id/25057/3/BAB%201.pdf http://repository.upnvj.ac.id/25057/13/BAB%202.pdf http://repository.upnvj.ac.id/25057/5/BAB%203.pdf http://repository.upnvj.ac.id/25057/6/BAB%204.pdf http://repository.upnvj.ac.id/25057/7/BAB%205.pdf http://repository.upnvj.ac.id/25057/8/DAFTAR%20PUSTAKA.pdf http://repository.upnvj.ac.id/25057/14/RIWAYAT%20HIDUP.pdf http://repository.upnvj.ac.id/25057/10/LAMPIRAN.pdf http://repository.upnvj.ac.id/25057/11/HASIL%20PLAGIARISME.pdf http://repository.upnvj.ac.id/25057/12/ARTIKEL%20KI.pdf |