Penilaian Risiko Keamanan Data Karyawan Pada Sistem Informasi Dengan Menggunakan Framework Nist Sp 800-30 pada PT. ABC
Keywords:risk management, NIST SP 800-30, risk assessment
Security of employee data in the information system has several risks that can occur which of course can cause losses for the company. Risk can be in the form of events and conditions that can disrupt services and hinder the decision-making process. The purpose of this study is to describe the implementation of employee data security risk management in the company PT. ABC uses the NIST SP 800-30 framework to determine emerging risks. If there is no risk management in the company, the company will not know what risks occur and the impacts that occur. This research begins by mapping risks, assessing risks, and providing recommendations according to the level of threat. The overall risk results consist of natural, human, and technical errors, the potential risk is 14% for low risk, 36% for moderate risk, and 50% for high risk. The advice given is: that to perform regular system maintenance, the system needs to be supported by adequate software & hardware.
How to Cite
Copyright (c) 2022 nur fitrianti fahrudin, Aditya Nugraha S, Kurnia Ramadhan Putra
This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.
Submission of a manuscript implies that the submitted work has not been published before (except as part of a thesis or report, or abstract); that it is not under consideration for publication elsewhere; that its publication has been approved by all co-authors. If and when the manuscript is accepted for publication, the author(s) still hold the copyright and retain publishing rights without restrictions. Authors or others are allowed to multiply the article as long as not for commercial purposes. For the new invention, authors are suggested to manage its patent before published. The license type is CC-BY-SA 4.0.